Configure Splunk to Use a vCenter/PSC as a SAML IdP
Why Use a VMware vSphere Platform Service Controller? As mentioned in a previous post, Splunk Enterprise is a fantastic application for handling the massive amount of log data generated by VMware virtualization environments. Since every VMware vCenter deployment includes at least a single Platform Service Controller (PSC), you can easily configure your Splunk Enterprise deployment to use the same authentication services making it easier to access your log data. Items to Keep in Mind Splunk Enterprise requires that the following information be passed back as part of the SAML assertion from the IdP: Role Splunk Enterprise will use the following information if it is passed back as part of the SAML assertion from the IdP: Email, Real Name As of Splunk Enterprise version 7.
Configure Splunk to Use VMware Identity Manager as a SAML IdP
Splunk Enterprise is an awesome platform for analyzing massive amounts of data at scale. Because of this, it’s a popular system for aggregating log data from VMware virtualization environments. Its flexibility and ability to search through significant quantities of log data at great speeds is why I’ve been utilizing it for years. Today I’m going to go over the process to integrate VMware Identity Manager (vIDM) as a SAML 2.0 identity provider (IdP) for Splunk Enterprise authentication.