Splunk Enterprise
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

splunk SSO configuration

martinnepolean
Explorer
‎10-06-2020 04:53 AM

We are working to integrate splunk with IDAM for SSO. WE have three splunk search head cluster for three set of users  groups. On checking the splunk metadata file, IDAM engineer is telling that all three environments has same entity ID and we need to change it to differentiate between the clusters. Please let me know how to do it.

0 Karma
Reply

dmacintosh_splu
Splunk Employee
Splunk Employee
‎10-06-2020 11:12 AM

The documentation covers a number of vendors specifically, please refer to one if it matches your vendor. If not, generally you will find it in the authentication.conf file used in this configuration. entityId is a parameter avaialble and should be the same among members of the same SHC to use smooth single logout. Each SHC entityId used is the change you asked about. 

https://docs.splunk.com/Documentation/Splunk/8.0.6/Security/ConfigureSAMLSSO#Configure_SSO_using_SAM...

0 Karma
Reply

martinnepolean
Explorer
‎10-07-2020 04:06 AM

Thanks for the reply but this link doesn't give any information about changing the entityid of the splunk

0 Karma
Reply

inventsekar
SplunkTrust
SplunkTrust
‎10-07-2020 04:14 AM

Hi @martinnepolean 

this blog is about okta saml, but, it got some info about the entityID.. pls check it.. thanks.

https://www.splunk.com/en_us/blog/cloud/configuring-okta-saml-single-sign-on-with-splunk-cloud-using...

 

thanks and best regards,
Sekar

PS - If this or any post helped you in any way, pls consider upvoting, thanks for reading !
0 Karma
Reply

martinnepolean
Explorer
‎10-08-2020 04:02 AM

@inventsekar This link doesn't have any information for changing entityID of the splunk

0 Karma
Reply
Get Updates on the Splunk Community!

Building Reliable Asset and Identity Frameworks in Splunk ES

 Accurate asset and identity resolution is the backbone of security operations. Without it, alerts are ...

Cloud Monitoring Console - Unlocking Greater Visibility in SVC Usage Reporting

For Splunk Cloud customers, understanding and optimizing Splunk Virtual Compute (SVC) usage and resource ...

Automatic Discovery Part 3: Practical Use Cases

If you’ve enabled Automatic Discovery in your install of the Splunk Distribution of the OpenTelemetry ...