Splunk® Enterprise

Splunk Analytics for Hadoop

Download manual as PDF

Download topic as PDF

Configure Kerberos authentication

To configure Kerberos authentication, add the following lines to the relevant provider stanza in indexes.conf:

vix.hadoop.security.authentication = kerberos
vix.java.security.krb5.kdc = <kerberos server name>
vix.java.security.krb5.realm = <kerberos default realm>
vix.kerberos.principal = <kerberos principal name of the user you want Splunk Analytics for Hadoop to interact with Hadoop, for example: SAH@YOUR-REALM.COM>
vix.kerberos.keytab = <kerberos keytab path, i.e., /path/yourdir.keytab>
vix.hadoop.security.authorization = <hadoop security authorization true/false>
vix.dfs.namenode.kerberos.principal = <hadoop namenode kerberos principal name, i.e., hdfs/_HOST@YOUR-REALM.COM>
vix.mapreduce.jobtracker.kerberos.principal = <the hadoop jobtracker kerberos principal name, i.e., mapred/_HOST@YOUR-REALM.COM>
vix.hadoop.security.auth_to_local = <the mapping from Kerberos principals to short names (optional)>
vix.mapred.job.reuse.jvm.num.tasks = 1 

Note: Setting vix.mapred.job.reuse.jvm.num.tasks = 1 lets you avoid ENOENT task failures (detailed here: https://issues.apache.org/jira/browse/MAPREDUCE-4490).

If you are using YARN, you must also add the following property to the provider stanza:

vix.yarn.resourcemanager.principal = yarn/_HOST@YOUR-REALM.COM
vix.yarn.nodemanager.principal = yarn/_HOST@YOUR-REALM.COM
# kerberos with Hive
vix.hive.metastore.sasl.enabled = <true|false> 
vix.hive.metastore.kerberos.principal = <service principal for the metastore thrift server>

If you are preprocessing Hive via a metastore, vix.hive.metastore.sasl.enabled must be set to "true".

Last modified on 09 September, 2016
PREVIOUS
Add or edit a virtual index in Splunk Web
  NEXT
About pass-through authentication

This documentation applies to the following versions of Splunk® Enterprise: 6.5.0, 6.5.1, 6.5.2, 6.5.3, 6.5.4, 6.5.5, 6.5.6, 6.5.7, 6.5.8, 6.5.9, 6.5.10, 6.6.0, 6.6.1, 6.6.2, 6.6.3, 6.6.4, 6.6.5, 6.6.6, 6.6.7, 6.6.8, 6.6.9, 6.6.10, 6.6.11, 6.6.12, 7.0.0, 7.0.1, 7.0.2, 7.0.3, 7.0.4, 7.0.5, 7.0.6, 7.0.7, 7.0.8, 7.0.9, 7.0.10, 7.0.11, 7.0.13, 7.1.0, 7.1.1, 7.1.2, 7.1.3, 7.1.4, 7.1.5, 7.1.6, 7.1.7, 7.1.8, 7.1.9, 7.1.10, 7.2.0, 7.2.1, 7.2.2, 7.2.3, 7.2.4, 7.2.5, 7.2.6, 7.2.7, 7.2.8, 7.2.9, 7.2.10, 7.3.0, 7.3.1, 7.3.2, 7.3.3, 7.3.4, 7.3.5, 7.3.6, 7.3.7, 8.0.0, 8.0.1, 8.0.2, 8.0.3, 8.0.4, 8.0.5, 8.0.6, 8.1.0


Was this documentation topic helpful?

Enter your email address, and someone from the documentation team will respond to you:

Please provide your comments here. Ask a question or make a suggestion.

You must be logged into splunk.com in order to post comments. Log in now.

Please try to keep this discussion focused on the content covered in this documentation topic. If you have a more general question about Splunk functionality or are experiencing a difficulty with Splunk, consider posting a question to Splunkbase Answers.

0 out of 1000 Characters