Set up user authentication
This documentation does not apply to the most recent version of Splunk. Click here for the latest version.
Set up user authentication
Splunk ships with support for three types of authentication systems:
- Splunk's own built-in system
- LDAP
- A scripted authentication API for use with an external authentication system, such as PAM or RADIUS
Splunk with an Enterprise license comes with Splunk's built-in authentication enabled by default. Splunk's authentication allows you to add users, assign them to roles, and give those roles custom permissions as needed for your organization.
Important: Splunk's built-in system always takes precedence over any external systems. This is the order in which Splunk authenticates a user:
1. Splunk built-in authentication
2. LDAP authentication (if enabled)
3. Scripted authentication (if enabled)
If your enterprise uses LDAP and you'd like to use the users and groups defined there instead of using Splunk's authentication system, look here for information. To use scripted authentication to connect with a system such as PAM or RADIUS, see this topic.
This documentation applies to the following versions of Splunk: 4.1 , 4.1.1 , 4.1.2 , 4.1.3 , 4.1.4 , 4.1.5 , 4.1.6 , 4.1.7 , 4.1.8 , 4.2 , 4.2.1 , 4.2.2 , 4.2.3 , 4.2.4 , 4.2.5 , 4.3 , 4.3.1 , 4.3.2 , 4.3.3 , 4.3.4 , 4.3.5 , 4.3.6 View the Article History for its revisions.