About multifactor authentication with Duo Security
Multifactor authentication lets you configure a primary and secondary login for your Splunk Enterprise users. Duo Security multifactor authentication secures Splunk Web logins. Splunk Cloud Platform does not support multifactor authentication with Duo Security.
With Splunk Enterprise with Duo Security multifactor authentication, you must set up a second authentication method and then use that method for future logins. The login workflow is as follows:
- You log into Splunk Web page using your login credentials. This is the primary login.
- You then see a second login page, "Duo Authentication". This is the secondary login.
- The first time you log in, you follow the instructions on the Duo login page to set up your preferred method for accessing your secondary credentials:
- Login with credentials sent through a push notification on your your smart phone (Duo Security Mobile app required).
- Login with credentials sent through an SMS message to your cell phone.
- Login with credentials sent through a phone call made to your cell phone.
- Login by entering a one time code that the Duo Mobile app generates.
- After the initial login and configuration, every time you reach the secondary login, you receive those login credentials using your preferred method.
Set up Duo Security for multifactor authentication
- Create an account for your Splunk Enterprise configuration on the Duo website. Visit the Duo website for more information on how to create accounts in Duo.
- Provide Splunk Enterprise with the information from your Duo Security Account. See Configure Splunk to use Duo Security multifactor authentication for more information.
Remove an LDAP user safely on Splunk Enterprise
Configure Splunk Enterprise to use Duo Security multifactor authentication
This documentation applies to the following versions of Splunk® Enterprise: 7.1.3, 7.1.4, 7.1.5, 7.1.6, 7.1.7, 7.1.8, 7.1.9, 7.1.10, 7.2.0, 7.2.1, 7.2.2, 7.2.3, 7.2.4, 7.2.5, 7.2.6, 7.2.7, 7.2.8, 7.2.9, 7.2.10, 7.3.0, 7.3.1, 7.3.2, 7.3.3, 7.3.4, 7.3.5, 7.3.6, 7.3.7, 7.3.8, 7.3.9, 8.0.0, 8.0.1, 8.0.2, 8.0.3, 8.0.4, 8.0.5, 8.0.6, 8.0.7, 8.0.8, 8.0.9, 8.0.10, 8.1.0, 8.1.1, 8.1.2, 8.1.3, 8.1.4, 8.1.5, 8.1.6, 8.2.0, 8.2.1, 8.2.2