SSO for Logs? Federated Identity with Loggly
Federated Identity Supports a DevOps Mindset
Log data isn’t necessarily the first things that comes to mind when people talk about DevOps, but it is one of the most important tools you have to get everyone in development and operations on the same page.
If you have been operating a homegrown log management solution that’s hard to use, you may have only given access to a few people. The customers that get the most out of Loggly, on the other hand, give access to every single member of their development and operations teams. But broad access can introduce new user management problems. Thankfully, federated identity allows you to manage large organizations with dozens up to thousands of employees from a single central location. This makes it much easier to add new employees to your organization, change permissions, or remove previous employees. You will need to update every single tool and solution those employees use, only your company directory.
Forgotten Usernames and Passwords Shouldn’t Be a Barrier to Insight
Loggly now supports federated identity management so that users have single sign on into Loggly using the credentials stored in their company directory. A top feature request from our customers, federated identity management makes it much more efficient for larger organizations to provide universal log management access. Federated identity is available to customers with Enterprise subscription plans. If you need to evaluate this feature during a trial, contact our sales team.
How It Works
The Loggly federated identity management feature utilizes Security Assertion Markup Language (SAML) 2.0 and supports Active Directory Federation Services (ADFS). When a user wants to log into Loggly, Loggly will check whether he or she is a member of one or more groups that your Loggly administrator has specified. In addition to accessing attributes like username, email, and user role from the directory, you can map a user role attribute or groups in the directory to Loggly user roles. However, you can still manage user roles in Loggly if this information isn’t part of your directory setup. You must have at least one non-federated Loggly administrator who manages setup and API usage.
When a new user joins your company, Loggly automatically provisions their accounts upon their first Loggly login. If the directory is not controlling their role, they will initially have standard User level privileges. When you remove a user from your directory, that user’s Loggly access is also revoked.
Scale Up the Benefits of Log Management
Federated identity management is another way that Loggly gives your entire team easy access to the log insights that matter through single sign on (SSO). Contact our sales team to upgrade to an Enterprise subscription and explore the benefits for yourself.