#SPLUNK AUTHENTICATION CONF HOW TO#
On Windows, there is no support for IPV6 address formats for the host setting.įor examples of how to create nf, see the nf spec file. There are additional settings that you can configure see the nf specification file for those settings and their descriptions. When you configure an LDAP strategy stanza, you must specify a minimum of the following settings and values:Įither you or your LDAP administrator must provide the minimum setting values described here. For example, if you configured authSettings=ad_ldap, then there must be a stanza called ad_ldap where the Splunk platform can look for settings and values for the ad_ldap strategy. The stanza names for any LDAP strategies you specify must match the names that you specified in authSettings.
The nf file represents this as the authSettings setting, where you specify at least one strategy, and a group of settings under a stanza for each strategy that you specify in the authSettings setting. When you change the authentication scheme on the Splunk platform from native to LDAP, you must specify at least one LDAP strategy for the instance to connect to when it performs authentication. How nf works with LDAP and LDAP strategies If you prefer to configure LDAP with Splunk Web, see Configure LDAP with Splunk Web. For general information on editing configuration files, see About configuration files In the Admin Manual. The nf configuration file controls how Splunk Enterprise interacts with LDAP services for authentication.Įdit the nf file in $SPLUNK_HOME/etc/system/local/. For more information about roles and capabilities, read About role-based user access.You can make changes to how Splunk Enterprise authenticates with servers that run the Lightweight Directory Access Protocol (LDAP). You can create and assign users to roles either in Splunk Web, on Splunk Cloud Platform and Splunk Enterprise, or by editing the nf configuration file on Splunk Enterprise only. See Set up user authentication with external systems for more information. Use scripted authentication to integrate Splunk authentication with an external authentication system, such as Remote Authentication Dial-in User Service (RADIUS) or Pluggable Authentication Module (PAM). Includes the ability to use Duo or RSA Manager. Lets you use two or more services to provide authentication access to Splunk platform resources. See Configure single sign-on with SAML for additional information. The Splunk platform supports contacting an identity provider (IdP) that uses the SAML version 2.0 protocol and retrieving user information that can be mapped to Splunk roles.
Security Assertion Markup Language (SAML) See Set up user authentication with LDAP for more information. The Splunk platform supports authentication with its internal authentication services or your existing LDAP server. Lightweight Directory Access Protocol (LDAP) See Set up native Splunk authentication for more information. If you have an active license, native authentication is on by default. You can define your own roles using a list of Splunk capabilities. The native scheme provides the Admin, Power, and User roles by default. Native Splunk authentication takes precedence over any external authentication schemes. The Splunk platform uses the following authentication schemes:
#SPLUNK AUTHENTICATION CONF LICENSE#
You must have an active license for authentication to work. The Splunk platform has several schemes that you can use for authentication. Authentication lets you add users, assign roles to them, and give those roles access to resources as you need for your organization.Īn authentication scheme is a method that the Splunk platform uses to authorize a user to access services and resources that the platform provides.
0 kommentar(er)
