Splunk® Enterprise

Admin Manual

Download manual as PDF

Splunk version 4.x reached its End of Life on October 1, 2013. Please see the migration information.
This documentation does not apply to the most recent version of Splunk. Click here for the latest version.
Download topic as PDF

Set up user authentication

Splunk ships with support for three types of authentication systems:

Splunk with an Enterprise license comes with Splunk's built-in authentication enabled by default. Splunk's authentication allows you to add users, assign them to roles, and give those roles custom permissions as needed for your organization.

Important: Splunk's built-in system always takes precedence over any external systems. This is the order in which Splunk authenticates a user:

1. Splunk built-in authentication

2. LDAP authentication (if enabled)

3. Scripted authentication (if enabled)

If your enterprise uses LDAP and you'd like to use the users and groups defined there instead of using Splunk's authentication system, look here for information. To use scripted authentication to connect with a system such as PAM or RADIUS, see this topic.

About users and roles
Set up user authentication with Splunk's built-in system

This documentation applies to the following versions of Splunk® Enterprise: 4.3, 4.3.1, 4.3.2, 4.3.3, 4.3.4, 4.3.5, 4.3.6, 4.3.7

Was this documentation topic helpful?

Enter your email address, and someone from the documentation team will respond to you:

Please provide your comments here. Ask a question or make a suggestion.

You must be logged into splunk.com in order to post comments. Log in now.

Please try to keep this discussion focused on the content covered in this documentation topic. If you have a more general question about Splunk functionality or are experiencing a difficulty with Splunk, consider posting a question to Splunkbase Answers.

0 out of 1000 Characters