Thanks For Downloading!
Review the documentation below and follow any custom installation steps. If no install steps are listed, most Splunk Apps and Add-ons can be installed as follows:
Unix/Linux: Decompress the downloaded file using a tool like
Provides a mechanism for enabling Splunk to authenticate users via a RADIUS server. This app includes a setup page in order to make it easy to configure.
Versions and Release Notes
Version 1.3.0 (current version - updated Nov 20, 2012)
* Added ability to set user roles in a lookup file
Version 1.2.0 (updated Oct 10, 2012)
* Now supports a backup server that is used if the primary fails (can be added in the setup screen)
Version 1.0 (updated Oct 10, 2012)
Version 1.1.1 (updated Aug 27, 2012)
* The setup screen now allows users to test an account without entering the secret if it is already defined
Version 1.1 (updated Aug 13, 2012)
Version 1.0.1 (updated Jul 30, 2012)
Fixed issue where the setup page did not deploy the authentication script correctly
This was easy to install and configure. The only gotcha I ran into was missing the line in the documentation that states that if you have a local account in Splunk, you will authenticate against the local account and not the RADIUS account. A second reading of item #4 cleared up that bit of confusion.
But it would be nice to be able to have a local account that will authenticate against RADIUS, specifically so that the various RADIUS users can have their unique Default App defined.
This is an addendum to my review as a caveat: Because my Local Splunk Username is the same as the username in RADIUS, I created a myusername_local account and deleted myusername local account. The old myusername local account owns a significant number of apps, searches, etc. All my nightly scheduled searches ran, but my real-time searches that are owned my myusername local account for alerts are failing with:
-- Search generated the following messages -- Message Level: FATAL 1. Error in 'search' command: You do not have permission to spawn real-time searches.