SAML parsing add-on | Splunkbase

My Account

Signup

Support & Services

Search Splunk Documentation Splunk Answers Education & Training User Groups Splunk App Developers Support Portal Contact Us

My Account

Accept License Agreements

This app is provided by a third party and your right to use the app is in accordance with the license provided by that third-party licensor. Splunk is not responsible for any third-party apps and does not provide any warranty or support. If you have any questions, complaints or claims with respect to this app, please contact the licensor directly.

Splunk Websites Terms and Conditions of Use

I have read the terms and conditions of this license and agree to be bound by them.

I consent to Splunk sharing my contact information with the publisher of this app so I can receive more information about the app directly from the publisher.

Thank You

Downloading SAML parsing add-on

SHA256 checksum (saml-parsing-add-on_11.tgz) 518712346ca5a8b2581545716c514a79ef8fc864801c8e714981b420e6462040

SHA256 checksum (saml-parsing-add-on_10.tgz) d0d971e5fd12bbc56bd68d207a58871e930210d95c40382f44137fb5f47dabcc

To install your download

For instructions specific to your download, click the Details tab after closing this window.

splunk

SAML parsing add-on

This app has been archived. Learn more about app archiving.

This app is NOT supported by Splunk. Please read about what that means for you here.

Overview

Details

This add-on adds a Splunk search command named "saml". The saml command parses a SAML message and creates new fields with the name/value data from the SAML message.

The saml search command is able to parse Base64 encoded, URI escaped, and zlib DEFLATED SAML messages.

SAML Utilities add-on

Description

The SAML Utilities add-on for Splunk adds a command named saml to the Splunk search language which can be used to parse encoded SAML messages in Splunk searches.

Installation

SAML Utilities is a standard Splunk add-on and requires no special configuration.

Usage

The saml command is implemented as a single search command which can be used to parse encoded SAML messages.

Usage: saml field

The following example will parse a Base64 encoded SAML AuthnRequest and return a decoded XML string.

... | saml SAMLRequest

field

The Splunk field to parse. This field should contain either a Base64 encoded XML string or a plain text XML String (multi-line XML strings are supported)

SAML Reference

https://www.oasis-open.org/committees/tc_home.php?wg_abbrev=security
http://en.wikipedia.org/wiki/Security_Assertion_Markup_Language

Release Notes

Version 1.1

March 3, 2016

Commented invalid keys (comments) in commands.conf to suppress Splunk startup errors.

Version 1.0

April 16, 2015

461

Downloads

Share Subscribe

Version

Built by

Brett Carroll

Support

Not Supported

Questions on Splunk Answers Flag as inappropriate

Compatibility

Products: Splunk Enterprise

Products: Splunk Enterprise

Platform: Platform Independent

Platform: Platform Independent

Licensing

Apache License

Category & Contents

Categories: Utilities

App Type: App

Subscribe Share

Are you a developer?

As a Splunkbase app developer, you will have access to all Splunk development resources and receive a 10GB license to build an app that will help solve use cases for customers all over the world. Splunkbase has 1000+ apps from Splunk, our partners and our community. Find an app for most any data source and user need, or simply create your own with help from our developer portal.

Submit New Splunk App Dev Resources

Follow Us:

© 2005-2024 Splunk Inc. All rights reserved.

Sitemap | Privacy | Website Terms of Use | Splunk Licensing Terms | Export Control | Modern Slavery Statement | Splunk Patents | Report a Problem

Splunk, Splunk>,Turn Data Into Doing, Data-to-Everything, and D2E are trademarks or registered trademarks of Splunk Inc. in the United States and other countries. All other brand names,product names,or trademarks belong to their respective owners.