I have been asked to ensure that the DOD CAC can be used to log into the Splunk Search Heads. Does anyone know how to do this? Is there any documentation somewhere i can reference.
Thanks much.
In our environment, users log in to their workstations with a card that is similar to DOD CAC. Their authentication is done with an ADFS server. When they access Splunk, we are using SAML authentication to verify their identity. Is this what you're looking for? If so, there are a few options:
Thanks so much for the response. No i was more looking into how to get them to log into Splunk using the CAC without involving any third party tools. Is that possible?
Do you mean you want them to use a CAC to log in without having some kind of SSO identity provider, such as ADFS? I don't know of any such way to do that. But if Splunk is running in a traditional enterprise environment where users a logging into their workstations with a CAC, then integration with ADFS is pretty straightforward.
As it turns out splunk does not have any direct method. So they provided documentation to utilize a proxy with the CAC.
Good morning,
May I have a copy of that documentation? I am trying to get the same thing done with our Splunk server.
Thank you