icon/x Created with Sketch.

Splunk Cookie Policy

We use our own and third-party cookies to provide you with a great online experience. We also use these cookies to improve our products and services, support our marketing campaigns, and advertise to you on our website and other websites. Some cookies may continue to collect information after you have left our website. Learn more (including how to update your settings) here.
Accept Cookie Policy

Accept License Agreements

This app is provided by a third party and your right to use the app is in accordance with the license provided by that third-party licensor. Splunk is not responsible for any third-party apps and does not provide any warranty or support. If you have any questions, complaints or claims with respect to this app, please contact the licensor directly.

Thank You

Downloading OpenAM
SHA256 checksum (openam_13.tgz) 82f7a6f222c3500ddc11dac128f87f77e324d23fd918ebed40ac097f71a8388f SHA256 checksum (openam_12.tgz) bd94c451ee1a9a614b11d2816f51c3b82dc5736b26aee38f8d28d3ea82fa9255 SHA256 checksum (openam_11.tgz) 9dde00dfc8d09b87b94af0ec07d5de5bf0c7546c6d1ebac02fd34e4b09b85b18 SHA256 checksum (openam_10.tgz) 2a4310dc17554b45c7809973874daa687e52f904fbfa33c1f4608026ea6637a8
To install your download
For instructions specific to your download, click the Details tab after closing this window.

Flag As Inappropriate

OpenAM

This app has been archived. Learn more about app archiving.
Admins: Please read about Splunk Enterprise 8.0 and the Python 2.7 end-of-life changes and impact on apps and upgradeshere.
Overview
Details
The Splunk for OpenAM App provides security reporting and analysis tool for OpenAM log data (open source access management, entitlements and federation server platform) through dashboards on authentications, users, and applications, as well as a tracking interface to explore users' authentication events.

Description

The Splunk for OpenAM App provides security reporting and analysis tool for OpenAM log data (open source access management, entitlements and federation server platform) through dashboards on authentications, users, and applications, as well as a tracking interface to explore users' authentication events.

Prerequisites

This App has been developped on Splunk 6.4 with OpenAM v12.
- Splunk 6.2 or ulterior is a prerequisite
- Other OpenAM versions have not been qualified and fields' extractions may have to be adapted if necessary
- For all other prerequisites, please refer to instructions below

Instructions

Please refer to Readme pages for installation and configuration instructions :
- CLI : vi $SPLUNK_HOME/etc/apps/SplunkforOpenAM/README.txt
- WebUI : Click on "Readme" page on Navigation Menu of "Splunk for OpenAM" App

FAQ

Service Providers dashboard is very slow on Splunk versions prior to 6.3.
--> Please upgrade at least to Splunk 6.3 for best performances.

Splunk Navigation Menu is not displayed on Readme page on Splunk versions prior to 6.4.
--> Please upgrade at least to Splunk 6.4 to display the navigation menu on this page

Tracking dashboard returns "Invalid latest_time: latest_time must be after earliest_time." error when clicking on a line.
--> Please don't use "All Time" in DataRangePicker for this dashboard.

This App doesn't work since v1.2 upgrade
--> Since v1.2, search requests have been modified to search only by sourcetypes instead of using an "openam" index by default (This allow you to use your own index).
--> If a specific index is used (like "openam"), please add this index to be searched by default in user role or modify search requests on dashboards to use this index.

Server inputs on dashboards returns all devices, even if it's not an OpenAM server.
--> Since v1.2, populating search has been modified to not search in an "openam" index by default
--> To return only OpenAM servers on dashboards inputs, please modify populating search requests by specifying your index (for example, replace "| metadata index=* type=hosts" by "| metadata index=openam type=hosts" if your OpenAM logs are in an index named "openam").

Support

Support is on a best-effort basis.
Please select the "Ask a question" button (on the right) if you encounter issue or to post a question/suggestion (tagged with this app).

Change Log

v1.3

  • local.meta file removed.

v1.2

  • Search requests and readme files have been modified so that an "openam" index is not a prerequisite anymore.

v1.1

  • Import of splunkjs/mvc/headerview and splunkjs/mvc/footerrview deleted in Readme.html file
  • Sourcetypes added in searches where it was missing
  • Label modified in "OpenAM" to match name on Splunkbase

v1.0
Initial release.

Release Notes

Version 1.3
Nov. 22, 2016

*** local.meta file removed (please read carefully readme files and details section on this page if you encounter any issue after upgrading this app from v1.0 or v1.1) ******

Version 1.2
Nov. 22, 2016

*** Search requests and instructions modified so that an index named "openam" is not a prerequisite anymore (please read carefully readme files and details section on this page if you encounter any issue after the upgrade) ***

Version 1.1
Nov. 14, 2016

*** Import of splunkjs/mvc/headerview and splunkjs/mvc/footerrview deleted in Readme.html file
*** Sourcetypes added in searches where it was missing
*** Label modified in "OpenAM" to match name on Splunkbase

Version 1.0
Oct. 18, 2016

Initial release.

10
Installs
369
Downloads
Share Subscribe LOGIN TO DOWNLOAD

Subscribe Share

AppInspect Tooling

Splunk AppInspect evaluates Splunk apps against a set of Splunk-defined criteria to assess the validity and security of an app package and components.

Are you a developer?

As a Splunkbase app developer, you will have access to all Splunk development resources and receive a 10GB license to build an app that will help solve use cases for customers all over the world. Splunkbase has 1000+ apps and add-ons from Splunk, our partners and our community. Find an app or add-on for most any data source and user need, or simply create your own with help from our developer portal.

Follow Us:
© 2005-2020 Splunk Inc. All rights reserved.
Splunk®, Splunk>®, Listen to Your Data®, The Engine for Machine Data®, Hunk®, Splunk Cloud™, Splunk Light™, SPL™ and Splunk MINT™ are trademarks and registered trademarks of Splunk Inc. in the United States and other countries. All other brand names, product names, or trademarks belong to their respective owners.