Skip to content
Permalink
Browse files

Created operations guide and moved appropriate content here.

  • Loading branch information...
hobbes-the-tiger committed Jul 31, 2019
1 parent a3882fb commit d7444e23f1fc485ec273095c72112e29b0de17cd
Showing with 153 additions and 61 deletions.
  1. +2 −2 content/alerts/email.md
  2. +1 −1 content/api/ingest-api.md
  3. +1 −1 content/appendix/instance-sizing.md
  4. +2 −2 content/glossary/cluster-nodes.md
  5. +2 −2 content/integrations/data-shippers/fluentd.md
  6. +1 −1 content/integrations/data-shippers/others.md
  7. +3 −3 content/integrations/data-shippers/statsd.md
  8. +1 −1 content/integrations/other/nginx.md
  9. +1 −1 content/integrations/platform-integrations/docker-integration.md
  10. +1 −1 content/integrations/platform-integrations/heroku.md
  11. +17 −0 content/operations-guide/_index.md
  12. +3 −2 content/{ → operations-guide}/administration/_index.md
  13. +1 −0 content/{ → operations-guide}/administration/adding-a-node.md
  14. +1 −1 content/{ → operations-guide}/administration/backup.md
  15. +1 −1 content/{ → operations-guide}/administration/blacklisting-queries.md
  16. +1 −1 content/{ → operations-guide}/administration/digest-rules.md
  17. +2 −2 content/{ → operations-guide}/administration/disabling-ingest.md
  18. +1 −0 content/{ → operations-guide}/administration/metrics.md
  19. +1 −0 content/{ → operations-guide}/administration/removing-a-node.md
  20. +1 −0 content/{ → operations-guide}/administration/replacing-hardware.md
  21. +1 −1 content/{ → operations-guide}/administration/storage-rules.md
  22. +1 −1 content/{ → operations-guide}/administration/updating-humio.md
  23. +2 −1 content/{ → operations-guide}/configuration/_index.md
  24. +1 −1 content/{ → operations-guide}/configuration/authentication/_index.md
  25. +1 −0 content/{ → operations-guide}/configuration/authentication/auth-by-proxy.md
  26. +3 −2 content/{ → operations-guide}/configuration/authentication/auth0.md
  27. +3 −2 content/{ → operations-guide}/configuration/authentication/ldap.md
  28. +1 −1 content/{ → operations-guide}/configuration/authentication/oauth.md
  29. +2 −1 content/{ → operations-guide}/configuration/authentication/role-based-auth.md
  30. +1 −1 content/{ → operations-guide}/configuration/authentication/saml/_index.md
  31. +2 −2 content/{ → operations-guide}/configuration/authentication/saml/aad.md
  32. +4 −4 content/{ → operations-guide}/configuration/authentication/saml/duo-security.md
  33. +1 −0 content/{ → operations-guide}/configuration/authentication/single-user.md
  34. +20 −0 content/operations-guide/configuration/basic-configuration/_index.md
  35. +1 −0 content/{configuration → operations-guide/configuration/basic-configuration}/akka-configuration.md
  36. +1 −1 content/{configuration → operations-guide/configuration/basic-configuration}/audit-logging.md
  37. +2 −1 content/{configuration → operations-guide/configuration/basic-configuration}/email_configuration.md
  38. +1 −0 content/{configuration → operations-guide/configuration/basic-configuration}/jvm-configuration.md
  39. +1 −0 content/{configuration → operations-guide/configuration/basic-configuration}/kafka-switch.md
  40. +1 −0 content/{configuration → operations-guide/configuration/basic-configuration}/kafka_configuration.md
  41. +1 −0 content/{configuration → operations-guide/configuration/basic-configuration}/license-management.md
  42. +2 −1 content/{configuration → operations-guide/configuration/basic-configuration}/proxy.md
  43. +1 −0 content/{configuration → operations-guide/configuration/basic-configuration}/retention.md
  44. +1 −0 content/{configuration → operations-guide/configuration/basic-configuration}/root-access.md
  45. +2 −1 content/{configuration → operations-guide/configuration/basic-configuration}/secondary-storage.md
  46. +2 −1 ...n/user-management.md → operations-guide/configuration/basic-configuration/user-authentication.md}
  47. +1 −0 content/{ → operations-guide}/configuration/reverse-proxy/_index.md
  48. +1 −0 content/{ → operations-guide}/configuration/reverse-proxy/caddy-reverse-proxy.md
  49. +1 −0 content/{ → operations-guide}/configuration/reverse-proxy/nginx-reverse-proxy.md
  50. +1 −0 content/{ → operations-guide/configuration}/sending-data-to-humio/_index.md
  51. +3 −2 content/{ → operations-guide/configuration}/sending-data-to-humio/ingest-listeners.md
  52. +1 −1 content/{ → operations-guide/configuration}/sending-data-to-humio/ingest-tokens.md
  53. +2 −1 content/{ → operations-guide}/installation/_index.md
  54. +2 −1 content/{ → operations-guide}/installation/ansible.md
  55. +1 −0 content/{ → operations-guide}/installation/aws.md
  56. +1 −0 content/{ → operations-guide}/installation/bare-metal.md
  57. +2 −2 content/{ → operations-guide}/installation/cluster_setup.md
  58. +2 −1 content/{ → operations-guide}/installation/docker.md
  59. +1 −0 content/{ → operations-guide}/installation/kubernetes_deployment.md
  60. +1 −0 content/{ → operations-guide}/installation/nomad.md
  61. +2 −1 content/{ → operations-guide}/installation/preparation.md
  62. +2 −1 content/{ → operations-guide}/parsers/_index.md
  63. +1 −0 content/{ → operations-guide}/parsers/assigning-parsers-to-ingest-tokens.md
  64. +1 −0 content/{ → operations-guide}/parsers/built-in-parsers/_index.md
  65. +1 −0 content/{ → operations-guide}/parsers/built-in-parsers/accesslog.md
  66. +1 −0 content/{ → operations-guide}/parsers/built-in-parsers/bro-json.md
  67. +1 −0 content/{ → operations-guide}/parsers/built-in-parsers/corelight-json.md
  68. +1 −0 content/{ → operations-guide}/parsers/built-in-parsers/json.md
  69. +1 −0 content/{ → operations-guide}/parsers/built-in-parsers/kv-millis.md
  70. +1 −0 content/{ → operations-guide}/parsers/built-in-parsers/kv.md
  71. +1 −0 content/{ → operations-guide}/parsers/built-in-parsers/serilog.md
  72. +1 −0 content/{ → operations-guide}/parsers/built-in-parsers/syslog-utc.md
  73. +2 −1 content/{ → operations-guide}/parsers/built-in-parsers/syslog.md
  74. +1 −1 content/{ → operations-guide}/parsers/creating-a-parser.md
  75. +2 −1 content/{ → operations-guide}/parsers/errors.md
  76. +1 −1 content/{ → operations-guide}/parsers/tagging.md
  77. +1 −0 content/{ → operations-guide}/parsers/timestamps.md
  78. +1 −0 content/{guides → operations-guide/use_cases}/_index.md
  79. +1 −0 content/{guides → operations-guide/use_cases}/bro.md
  80. +1 −0 content/{guides → operations-guide/use_cases}/getting-started-application-logs.md
  81. +1 −0 content/{guides → operations-guide/use_cases}/linux.md
  82. +1 −0 content/{guides → operations-guide/use_cases}/moving-from-elastic-stack.md
  83. +1 −0 content/{guides → operations-guide/use_cases}/triggering-shell-scripts-from-webhooks.md
  84. +3 −3 content/tutorial/_index.md
@@ -5,7 +5,7 @@ title: "Email"
The email notifier sends alerts as emails.

{{% notice tip %}}
If you are hosting Humio yourself, you must [configure how emails are send]({{< ref "configuration/email_configuration.md" >}}).
If you are hosting Humio yourself, you must [configure how emails are send]({{< ref "../operations-guide/configuration/basic-configuration/email_configuration.md" >}}).
{{% /notice%}}

This notifier will by default send out a nicely styled email with the most
@@ -14,4 +14,4 @@ important aspects of an alarm, including a link back into Humio with the result.
Should you for some reason want to modify the e-mail you can do so by checking
"Use custom email template" and fill out the "Message Body Template".
See [Notifier templates]({{< ref "alerts/_index.md#templates" >}}) for how
to use our templates.
to use our templates.
@@ -49,7 +49,7 @@ Example sending 4 accesslog lines to Humio
]
```

The above example sends 4 accesslog lines to Humio. In this case we have attached an `accesslog` parser to the [ingest token]({{< relref "sending-data-to-humio/ingest-tokens.md" >}}) we are using. See [parsing]({{< relref "parsers/_index.md" >}}) for details.
The above example sends 4 accesslog lines to Humio. In this case we have attached an `accesslog` parser to the [ingest token]({{< relref "../operations-guide/configuration/sending-data-to-humio/ingest-tokens.md" >}}) we are using. See [parsing]({{< relref "parsers/_index.md" >}}) for details.
The `fields` section is used to specify fields that should be added to each of the events when they are parsed. In the example all the accesslog events will get a host field telling the events came from `webhost1`.
It is possible to send events of different types in the same request. That is done by adding a new element to the outer array in the example above.
Tags can be specified through the parser.
@@ -114,7 +114,7 @@ the cache runs full. The 3.8TB SSD would hold ~150 days of ingest data.

With ephemeral SSD storage, you'd want to setup EBS instances for live backup (and Kafka's storage),
so that you can load the Humio data onto a fresh machine quickly. Humio live backup live-replicates all data
to a separate network drive such that data loss is prevented even for ephemeral disks. See [Backup]({{< ref "administration/backup.md" >}}).
to a separate network drive such that data loss is prevented even for ephemeral disks. See [Backup]({{< ref "/operations-guide/administration/backup.md" >}}).


## Live Queries / Dashboards
@@ -10,8 +10,8 @@ account menu.

### Common Node Tasks

- [Adding a cluster node]({{< ref "/administration/adding-a-node.md" >}})
- [Removing a cluster node]({{< ref "/administration/removing-a-node.md" >}})
- [Adding a cluster node]({{< ref "../operations-guide/administration/adding-a-node.md" >}})
- [Removing a cluster node]({{< ref "../operations-guide/administration/removing-a-node.md" >}})
- [Updating node's Humio version]({{< ref "updating-humio.md" >}})

## Node Roles
@@ -20,9 +20,9 @@ For the full documentation on FluentD please see the [official documentation](ht
Some of the most commons parameters in the [Elasticsearch Output Plugin](https://docs.fluentd.org/v1.0/articles/out_elasticsearch) are

* `host`: The hostname of your Humio instance.
* `port`: The port of where Humio is exposing the Elastic Endpoint. Don't forget to enable `ELASTIC_PORT` the [Configuration parameter]({{< ref "configuration" >}}).
* `port`: The port of where Humio is exposing the Elastic Endpoint. Don't forget to enable `ELASTIC_PORT` the [Configuration parameter]({{< ref "/operations-guide/configuration" >}}).
* `scheme`, `ssl_version`: Depending on whether TLS is enabled on `host`:`port`, this should be set to either `https` or `http`. Humio Cloud has TLS enabled. In [some cases](https://github.com/uken/fluent-plugin-elasticsearch/issues/439) it is necessary to specify the SSL version.
* `user` and `password`: while `password` can be ignore, but must be present, `user` should be set to an [ingest token]({{< ref "/sending-data-to-humio/ingest-tokens.md" >}}).
* `user` and `password`: while `password` can be ignore, but must be present, `user` should be set to an [ingest token]({{< ref "../../operations-guide/configuration/sending-data-to-humio/ingest-tokens.md" >}}).


### Output Plugin configuration for [Humio Cloud](https://cloud.humio.com/)
@@ -30,6 +30,6 @@ Contact us if you have trouble getting this working e.g. getting errors when try
to make a client work against the API.

## Graylog Extended Log Format (GELF) {#gelf-api}
Humio is compatible with the [Graylog Extended Log Format (GELF)](http://docs.graylog.org/en/2.4/pages/gelf.html) using UDP or TCP as transport. Refer to [Ingest listeners]({{< ref "sending-data-to-humio/ingest-listeners.md" >}}) to setup such a listener.
Humio is compatible with the [Graylog Extended Log Format (GELF)](http://docs.graylog.org/en/2.4/pages/gelf.html) using UDP or TCP as transport. Refer to [Ingest listeners]({{< ref "../../../operations-guide/configuration/sending-data-to-humio/ingest-listeners.md" >}}) to setup such a listener.

GELF over HTTP is not yet implemented. Please get in touch with us if you need it.
@@ -20,16 +20,16 @@ The StatsD format is very simple. In it's simplest form it looks something like
<metricname>:<metricvalue>|<metrictype>
```

Start by [creating a new parser]({{< ref "parsers/creating-a-parser" >}}) with the following regex
Start by [creating a new parser]({{< ref "../../operations-guide/parsers/creating-a-parser" >}}) with the following regex

```regexp
(?<metricname>\w+?):(?<metricvalue>[-+]?[\d\.]+?)\|(?<metrictype>\w+?)(\|@(?<metricsampling>[\d\.]+?))?
```

And no _Parse timestamp_ and _Parse key values_. Finally give it a name, i.e. "statsd".

Next, create an [ingest listener]({{< ref "sending-data-to-humio/ingest-listeners" >}}) with the statsd parser.
Next, create an [ingest listener]({{< ref "../../../operations-guide/configuration/sending-data-to-humio/ingest-listeners" >}}) with the statsd parser.

{{% notice note %}}
We strongly recommend using an UDP ingest listener for non-aggregated StatsD data
{{% /notice %}}
{{% /notice %}}
@@ -43,7 +43,7 @@ output.elasticsearch:

See the page on [Filebeat]({{< ref "filebeat.md" >}}) for further details.

The above Filebeat configuration uses the [built-in parser `accesslog`]({{< ref "/parsers/built-in-parsers/accesslog.md" >}}).
The above Filebeat configuration uses the [built-in parser `accesslog`]({{< ref "../../operations-guide/parsers/built-in-parsers/accesslog.md" >}}).
The parser can parse logs formatted in the default Nginx log configuration.
If your log Nginx configuration is modified, create a [custom parser]({{< relref "parsers/_index.md" >}}), by copying the accesslog parser and modifying it.
Then [connect the parser to the ingest token]({{< ref "assigning-parsers-to-ingest-tokens.md" >}}) or put its name as the value of the @type field in the Filebeat configuration.
@@ -28,7 +28,7 @@ docker run --rm -it \
Where:

* `$BASEURL` - is the base URL of your Humio server (e.g. `https://cloud.humio.com` or `http://localhost:8080`)
* `$INGEST_TOKEN` - is the [ingest token]({{< ref "/sending-data-to-humio/ingest-tokens.md" >}}) for your repository, (e.g. a string such as `fS6Kdlb0clqe0UwPcc4slvNFP3Qn1COzG9DEVLw7v0Ii`).
* `$INGEST_TOKEN` - is the [ingest token]({{< ref "../../../operations-guide/configuration/sending-data-to-humio/ingest-tokens.md" >}}) for your repository, (e.g. a string such as `fS6Kdlb0clqe0UwPcc4slvNFP3Qn1COzG9DEVLw7v0Ii`).

### Parsing the logs

@@ -34,4 +34,4 @@ Anything after that is specific to the particular kind of log.
To deal with this, you can define a parser with the name of the application and the process (sans the `.3`) `"heroku_${app}_${process}"` (in this case `heroku_app_web`). If such a parser exists in the repository, then it will be used to do further data extration in the log's message.

Finally, you can apply a parser by [assigning a
specific parser to the Ingest API Token]({{< ref "parsers/assigning-parsers-to-ingest-tokens.md" >}}) used to authenticate the client.
specific parser to the Ingest API Token]({{< ref "../../operations-guide/parsers/assigning-parsers-to-ingest-tokens.md" >}}) used to authenticate the client.
@@ -0,0 +1,17 @@
---
title: "Operations Guide"
weight: 90
category_title: Operations Guide
---

This is the overall for installing and configuring Humio.

* [Installating Humio]({{< ref "installation/" >}})
* [Configuring Humio]({{< ref "configuration/" >}})
- [Basic configuration]({{< ref "configuration/basic-configuration/" >}})
- [Reverse proxy]({{< ref "configuration/reverse-proxy" >}})
- [Setting up authentication in Humio]({{< ref "configuration/authentication" >}})
- [Sending data to Humio]({{< ref "configuration/sending-data-to-humio" >}})
- [Use cases]({{< ref "use_cases" >}})
* [Administering Humio]({{< ref "administration/" >}})
* [Configuring parsers]({{< ref "parsers/" >}})
@@ -2,15 +2,16 @@
title: "Administration"
weight: 701
category_title: Overview
aliases: ["/administration"]
---

This section explains how to handle common tasks when running a Humio instance.
This content was created with a focus on clustered Humio environments.

## User Management

- [Adding a new user]({{< ref "user-management.md#adding-a-user" >}})
- [Removing a user]({{< ref "user-management.md#removing-a-user" >}})
- [Adding a new user]({{< ref "user-authentication.md#adding-a-user" >}})
- [Removing a user]({{< ref "user-authentication.md#removing-a-user" >}})

## Cluster Administration

@@ -7,6 +7,7 @@ related:
- updating-humio.md
- storage-rules.md
- digest-rules.md
aliases: ["/administration/adding-a-node"]
---

There are several reasons why you might want to add more nodes to your Humio
@@ -1,7 +1,7 @@
---
title: "Backup"
weight: 20
aliases: ["configuration/backup"]
aliases: ["configuration/backup", "/administration/backup"]
---

Humio has a built-in backup facility. It only requires a separate
@@ -1,7 +1,7 @@
---
title: "Blacklisting Queries"
weight: 30
aliases: ["configuration/blacklist"]
aliases: ["configuration/blacklist", "/administration/blacklisting-queries"]
---

When necessary, Humio can be configured to prevent matching queries from executing.
@@ -1,7 +1,7 @@
---
title: Digest Rules
weight: 40
aliases: ["/ref/digest-rules"]
aliases: ["/administration/digest-rules", "/ref/digest-rules"]
related:
- storage-rule.md
- ingest-flow.md
@@ -1,7 +1,7 @@
---
title: "Disabling Ingest"
weight: 50
aliases: []
aliases: ["/administration/disabling-ingest", " "]
---

Humio has the ability to pause ingestion of data into a repository when needed.
@@ -37,4 +37,4 @@ When you block ingest all sockets opened for ingest into this repository are
closed and not re-opened until the block has expired or be removed by hand.
Most log shippers will simply queue up the log records when they can't deliver
them and then when the connection is re-opened they will ship all the missing
data as well as new data from that point on.
data as well as new data from that point on.
@@ -2,6 +2,7 @@
title: "Humio Metrics"
weight: 100
show_functions_as_pages: true
aliases: ["/administration/metrics"]
---

Humio outputs a number of metrics that can be used to monitor and
@@ -1,6 +1,7 @@
---
title: Removing a Node
weight: 60
aliases: ["/administration/removing-a-node"]
---

To safely remove a node from a Humio cluster you need to ensure that the data
@@ -1,6 +1,7 @@
---
title: Replacing Hardware
weight: 70
aliases: ["/administration/replacing-hardware"]
---

If you want to replace a node in your cluster, say due to faulty hardware or
@@ -1,7 +1,7 @@
---
title: Storage Rules
weight: 80
aliases: ["/ref/storage-rules"]
aliases: ["/administration/storage-rules", "/ref/storage-rules"]
---

In Humio data is distributed across the cluster nodes. Which nodes store what
@@ -1,7 +1,7 @@
---
title: Updating Humio to a newer version
weight: 90
aliases: ["configuration/upgrading"]
aliases: ["/administration/updating-humio", "configuration/upgrading"]
---

This guide will take you through the steps required to upgrade your Humio Cluster
@@ -2,6 +2,7 @@
title: "Configuration"
category_title: Overview
weight: 700
_index.md:aliases: ["/configuration/"]
---

Humio is configured by setting environment variables. The example configuration
@@ -287,7 +288,7 @@ DUMP_THREADS_SECONDS=10
```

## Java virtual machine parameters
You can [supplement or tune the Java virtual machine parameters]({{< ref "configuration/jvm-configuration" >}}) used
You can [supplement or tune the Java virtual machine parameters]({{< ref "jvm-configuration" >}}) used
when running Humio with the `HUMIO_JVM_ARGS` environment variable. The defaults are:

```properties
@@ -1,7 +1,7 @@
---
title: Authentication
category_title: Overview
aliases: ["operation/installation/authentication"]
aliases: ["/configuration/authentication", "operation/installation/authentication"]
---

Humio supports the following authentication types:
@@ -1,6 +1,7 @@
---
title: Authenticating with a Proxy
menuTitle: Proxy
aliases: ["/configuration/authentication/auth-by-proxy"]
---

Make Humio use the username provided by a HTTP proxy.
@@ -2,6 +2,7 @@
title: Authenticating with Auth0
menuTitle: Auth0
pageImage: /integrations/auth0.svg
aliases: ["/configuration/authentication/auth0"]
---

Humio can be configured to authenticate users through [Auth0](https://auth0.com/). Unless you have specific requirements,
@@ -74,9 +75,9 @@ The attribute `https://auth0-example.humio.com/roles` in this example is the use
There are several way to apply these Auth0 roles in humio.

- Create roles in Auth0 named `view.member`, `view.admin`, where `view` is the name of an actual view or repo in Humio, which will allow users to be member or admins in Humio. For instance, if a user is added to `humio.member`, then she can see the contents of the `humio` repository.
- Alternatively (if more detailed permissions are desired), Group/repo appings can be [defined in a separate file]({{< ref "/configuration/authentication/role-based-auth.md#setting-up-authorization-rules-from-a-file" >}}).
- Alternatively (if more detailed permissions are desired), Group/repo appings can be [defined in a separate file]({{< ref "role-based-auth.md#setting-up-authorization-rules-from-a-file" >}}).

Either way, it usually makes sense to also define these options in humio as also [described on this page]({{< ref "/configuration/authentication/role-based-auth.md" >}}). IF `AUTO_CREATE_USER_ON_SUCCESSFUL_LOGIN` is not set, then users must already have been created before hand inside Humio's UI.
Either way, it usually makes sense to also define these options in humio as also [described on this page]({{< ref "role-based-auth.md" >}}). IF `AUTO_CREATE_USER_ON_SUCCESSFUL_LOGIN` is not set, then users must already have been created before hand inside Humio's UI.

```
AUTO_CREATE_USER_ON_SUCCESSFUL_LOGIN=true
@@ -2,6 +2,7 @@
menuTitle: LDAP
title: Authenticating with LDAP
pageImage: /integrations/ldap.svg
aliases: ["/configuration/authentication/ldap"]
---

It is possible to authenticate and fetch group membership from an LDAP server. LDAP, although
@@ -15,8 +16,8 @@ Humio provides two ways to authenticate using LDAP.

Before configuring LDAP you need to ensure that a root account exists on the system. You can do this either by adding
the user name (the full name including domain name) via the
[administration section]({{<ref "/configuration/user-management.md">}}), or by the
API: [root access]({{<ref "/configuration/root-access.md">}}).
[administration section]({{<ref "../../configuration/basic-configuration/user-authentication.md">}}), or by the
API: [root access]({{<ref "../../configuration/basic-configuration/root-access.md">}}).

## Configuration File Location

@@ -3,7 +3,7 @@ title: Authenticating with OAuth 2.0
menuTitle: OAuth 2.0
category: ["Integration"]
pageImage: /integrations/oauth.svg
aliases: ["/ref/oauth"]
aliases: ["/configuration/authentication/oath", "/ref/oauth"]
---

Humio supports the OAuth 2.0 login flow for the following providers:
@@ -1,5 +1,6 @@
---
title: "Role Based Authorization"
aliases: ["/configuration/authentication/role-based-auth"]
---

Humio supports Role based authentication and access control (RBAC). This enables authorization of users based on Roles with different sets of permissions.
@@ -16,7 +17,7 @@ discussing autorization here please consider roles and groups
synonymous; Being in a role is the same as being member of a group
with that name.

Except for "root access", all authorization in humio is based on group memberhips. "Root access" is a per-user property and independent of roles and groups. See [root access]({{<ref "/configuration/root-access.md">}}).
Except for "root access", all authorization in humio is based on group memberhips. "Root access" is a per-user property and independent of roles and groups. See [root access]({{<ref "../../configuration/basic-configuration/root-access.md">}}).

### Group memberships

@@ -2,7 +2,7 @@
title: SAML 2.0
category_title: Overview
category: ["Integration"]
aliases: ["/ref/saml"]
aliases: ["/configuration/authentication/saml", "/ref/saml"]
---

Humio implements the SAML 2.0 _Web Browser SSO Profile_. This means authentication is delegated to an existing identity provider (IDP) which is responsible of managing user credentials. Examples of IDPs are Active Directory Federation Services (AFDS), Azure AD, Google (G Suite) and Auth0.
@@ -2,7 +2,7 @@
title: Azure AD using SAML
menuTitle: Azure AD
category: ["Integration"]
aliases: ["/ref/azure-ad"]
aliases: ["/configuration/authentication/saml/aad", "/ref/azure-ad"]
---

### Login with Azure AD using SAML and prefixes based on roles
@@ -24,7 +24,7 @@ SAML_IDP_CERTIFICATE=/certs/humio-AAD-SSO.pem

#### Mapping SAML roles to prefix queries (If using role-based authorization)

To also apply prefixes and repo memberships based on roles in AAD, these additional settings are required. See [role-based authoriation]({{< relref "configuration/authentication/role-based-auth.md" >}}) for details on how mapping roles to prefixes work and the format of the configration files.
To also apply prefixes and repo memberships based on roles in AAD, these additional settings are required. See [role-based authoriation]({{< relref "../role-based-auth.md" >}}) for details on how mapping roles to prefixes work and the format of the configration files.
```
# You'll need to create this attribute in your AAD Enterprise App and map it to user.assignedroles
SAML_GROUP_MEMBERSHIP_ATTRIBUTE=http://schemas.microsoft.com/ws/2008/06/identity/claims/role

0 comments on commit d7444e2

Please sign in to comment.
You can’t perform that action at this time.