Project

General

Profile

Install and Configuration » History » Version 12

Luke Murphey, 11/24/2014 10:29 PM

1 8 Luke Murphey
{{>toc}}
2 8 Luke Murphey
3 1 Luke Murphey
h1. Configuring RADIUS Authentication App
4 1 Luke Murphey
5 1 Luke Murphey
Below are the steps for configuring Splunk to use the RADIUS authentication app with a RADIUS server.
6 1 Luke Murphey
7 1 Luke Murphey
h2. Configure Your RADIUS Server
8 1 Luke Murphey
9 12 Luke Murphey
Before you configure Splunk, you'll need to setup your RADIUS server per the vendor's documentation.  Below are some links to information on how to setup some vendors:
10 12 Luke Murphey
11 12 Luke Murphey
* [[Configuring_IAS|Microsoft IAS]]
12 12 Luke Murphey
* [[Configuring_Cisco_ISE|Cisco ISE]]
13 1 Luke Murphey
14 8 Luke Murphey
The RADIUS authentication app will load roles from the RADIUS server if you set up an attribute containing a comma or colon list of roles. You'll need to configure the RADIUS authentication app to tell it which attribute it ought to us to find the roles. See [[Configuring_Roles]] for more information.
15 8 Luke Murphey
16 5 Luke Murphey
h2. Configure The RADIUS Authentication Splunk App (using the setup screen)
17 1 Luke Murphey
18 1 Luke Murphey
You'll need the following information from your RADIUS server in order to configure Splunk:
19 1 Luke Murphey
20 1 Luke Murphey
 # Shared secret
21 1 Luke Murphey
 # RADIUS server address
22 1 Luke Murphey
 # _(optional)_ username and password of a valid account (so that you can verify the configuration before you save the settings)
23 8 Luke Murphey
 # _(optional)_ the vendor code and attribute ID if loading roles from the RADIUS server
24 1 Luke Murphey
25 1 Luke Murphey
Below are the steps to setup the app:
26 1 Luke Murphey
27 1 Luke Murphey
 # Install the "RADIUS Authentication app":http://splunk-base.splunk.com/apps/47339/radius-authentication
28 1 Luke Murphey
 # Open the setup app and configure the RADIUS authentication app (go to Manager » Apps » click "Set up" for the app "RADIUS Authentication"
29 1 Luke Murphey
 # Enter your RADIUS server settings and save the settings. Enter a sample user account in order to verify the configuration. The setup screen will not persist the settings if the test user account fails (which prevents saving a configuration that does not work).
30 1 Luke Murphey
 # Logout and test the configuration by logging into Splunk. Make sure to use an account that does not exist on the local Splunk install (accounts on the local Splunk install will still authenticate locally and thus will not test the RADIUS server configuration).
31 3 Luke Murphey
32 5 Luke Murphey
h2. Configure The RADIUS Authentication Splunk App (manually)
33 1 Luke Murphey
34 6 Luke Murphey
The radius auth script can be configured manually by editing the file *$SPLUNK_HOME/etc/system/local/authentication.conf* with the following:
35 5 Luke Murphey
36 1 Luke Murphey
<pre>
37 5 Luke Murphey
[radius_auth_script]
38 5 Luke Murphey
scriptPath = "$SPLUNK_HOME/bin/python" "$SPLUNK_HOME/etc/apps/radius_auth/bin/radius_auth.py"
39 5 Luke Murphey
scriptSearchFilters = 0
40 5 Luke Murphey
41 5 Luke Murphey
[authentication]
42 5 Luke Murphey
authType = Scripted
43 5 Luke Murphey
authSettings = radius_auth_script
44 5 Luke Murphey
</pre>
45 5 Luke Murphey
46 1 Luke Murphey
h2. Troubleshooting
47 5 Luke Murphey
48 11 Luke Murphey
See [[Troubleshooting]].