Splunk Enterprise

Configuring SAML via .conf files only - can it be done?

kozanic_mg
Explorer

We are deploying SHC into AWS via  pipeline code and attempting to configure SAML integration as part of the build but having some issues.

When I check using btool, all the saml details are correct, but if I check details via the GUI - nothing is populated and when I attempt to use SAML to login - I get errors about blank content being passed.

If I update the GUI as well - then things seem to work - but this is not something we want to do every time we do a new build.

Just wondering if anyone else out there has come across this and worked something out?

Labels (2)
0 Karma
1 Solution

kozanic_mg
Explorer

So... worked out that I was missing IDP cert change within my new build, once added everything just started working and all SAML settings available within GUI as well.

View solution in original post

0 Karma

kozanic_mg
Explorer

So... worked out that I was missing IDP cert change within my new build, once added everything just started working and all SAML settings available within GUI as well.

0 Karma

kozanic_mg
Explorer

After a weekend to clear the brain - I have found this which indicates that config can be done via .conf files: 
https://docs.splunk.com/Documentation/Splunk/8.1.3/Security/ConfigureSAMLSSO

Now I just have to figure out why it's not working in my environment and why the settings I have configured via files are not showing in the GUI

0 Karma
Get Updates on the Splunk Community!

Introducing Ingest Actions: Filter, Mask, Route, Repeat

WATCH NOW Ingest Actions (IA) is the best new way to easily filter, mask and route your data in Splunk® ...

Splunk Forwarders and Forced Time Based Load Balancing

Splunk customers use universal forwarders to collect and send data to Splunk. A universal forwarder can send ...

NEW! Log Views in Splunk Observability Dashboards Gives Context From a Single Page

Today, Splunk Observability releases log views, a new feature for users to add their logs data from Splunk Log ...