Using mTLS to send logging to 3rd party AWS Application Load Balancer (ALB), then to Splunk

Auth0 Community,

I need help with the implementation of sending the Auth0 logs to Splunk; unfortunately, I can’t use the Splunk built-in module.

Instead, I will need to use mTLS going through an AWS Application Load Balancer (ALB). Could I please get help starting, and support through, the project from the Auth0 side? Any requirements we will need to start the project: custom domain? Enabling mTLS or outbound certificates?

I think I will need client certificate support and setup/configuration, custom webhook setup/implementation help as well (how to include the cert in the outbound header, etc…)

Any examples or documentation of how this is done would be a great start and any support would be appreciated. Links to community threads if available, etc…

Thank you,
Todd

Hi @tjackson

Welcome to the Auth0 Community!

Regarding your implementation, I would recommend the following documentation:

Unfortunately, we do not have documentation or blog articles regarding implementing Auth0 with an AWS ALB. I would recommend resorting to the available documentation from AWS regarding implementing a LB for your application and streaming that information forward to Splunk.

If you have any other questions, let me know!

Kind Regards,
Nik

Thank you Nik. I will reference the links and post any further questions!

I do have a clarification, we are not performing the authentication on our end, we are sending a cert to the 3rd party who maintain the ALB and they want to use mTLS to authenticate us on their end to accept the splunk logs we need to send to them from Auth0.

I need to get the steps I’ll need to implement and how to do this in Auth0. I need to send my logs to the AWS Load Balancer, which is using mTLS to authenticate my connection from Auth0.

I think I’ll need to send a cert and include that cert in the http request and a key or token for the cert in the http headers I send from Auth0? I will also need to use AWS_mtl header in the request.

Can you help me find out more details on how I would implement this in Auth0?

Hi again @tjackson

Thank you for providing more information on the matter, indeed, it appears that I misunderstood the use case a bit. I can also see that you have opened a support ticket on the matter as well.

As far as I have checked, and from the information I got after I synced with the agent assigned to your ticket, there isn’t any documentation available in regards to setting up log streaming from Auth0 to a Load Balancer which uses mTLS for authentication; this is quite a unique use case.

Even if you were to set up a custom web hook in order to stream your Auth0 logs, since log streaming is considered outbound traffic, it will use your canonical domain instead of a custom domain which you set up to use the appropriate HTTP headers and certificates.

I will still investigate the matter further to see if there is anything that can be done on the Auth0 side regarding this implementation.

Kind Regards,
Nik

I thought it might be somewhat unique, thanks for your reply Nik.

I am willing to brainstorm and try outside the box solutions if need be. I appreciate any information you may be able to find. Thank you!

Hi again!

I am replying in order to provide further updates on the matter for anybody else who might be interested. I can see that the support ticket has reached a resolution for the time being and that a feature request has been submitted on your behalf regarding implementing this feature in the future to further customize log streaming to other services.

For the time being, I will be marking this reply as a solution to the post since there is no out-of-the-box solution offered by Auth0 to implement mTLS authentication to an external ALB.

Hope to see you around and if this feature becomes available, I will make sure to let you know with a reply to this thread!

Kind Regards,
Nik