×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question
scruggsster
New Member
Member since: ‎03-05-2015
‎06-05-2020
Community Statistics
Posts 1
Solutions 0
Karma Given 0
Karma Received 0
Member Since ‎03-05-2015
Topics I've Started
No posts to display.
View All

Re: Splunk App for PingFederate: I can can see spl...

by in All Apps and Add-ons
‎08-13-2015 01:28 PM
‎08-13-2015 01:28 PM
There are a few things you may need to further answer and check to see if you have un-commented out the appender earlier in the log4j*xml I put * now that they have moved to log4j2.xml in the latest (8.0.1) release. <appender-ref ref="SecurityAudit2Splunk"/> should go where SecurityAudit2File is on the line below. You also have to do this for every configuration, Do a search for `` and update every config that you want this active for (*Sp, Idp, OAuth, etc.) Example for SP Audit Logging, Should look like: Logger name="org.sourceid.websso.profiles.sp.SpAuditLogger" level="INFO" additivity="false" includeLocation="false"> <appender-ref ref="SecurityAudit2File" /> <appender-ref ref="SecurityAudit2Splunk"/> *Remember to do this for any Audit logging configuration you need to see logs for. ... View more
Contact Me
Online Status
Offline
Date Last Visited
‎06-05-2020 02:04 AM