Documentation forLoggly

Configuration for Loggly Single Sign On (SSO) using LastPass

Provide key information to Loggly

Obtain the following information from your Identity Data Provider (IDP) software interface:

  1. IDP entity ID: A URL which serves as the identifying name of your service.
  2. IDP SSO Endpoint : The URL to which users will be redirected to sign in.
  3. IDP Public Certificate: Provides cryptographic verification of your IDP’s authenticity. Must be provided to loggly Base64 encoded (.pem) format.

Provide group mapping information to Loggly

Loggly controls user access through SSO via group membership mappings. In order to access the product, each user must be a member of at least one mapped group. Groups may map to one of two privilege levels, "user" or "admininstrator". A user belonging to multiple groups will receive the highest privileges among any of their groups.

If you don’t wish to provide this information, we will use the following default mapping:

Group Name Privilege
Loggly Users user
Loggly Admins administrator

At this point Loggly will create an SSO configuration for your subdomain, and notify you when it’s possible to move on to the next step.

Add Relying Party record

If your IDP software supports auto-configuration via URL, simply provide it your subdomain’s metadata URL:

<your subdomain> 

If your IDP supports auto-configuration via XML upload, save the above page with a .xml extension and upload that file.

Otherwise, these are the key pieces of information to enter into your configuration interface:

  1. Service Provider (SP) Entity ID: <your subdomain>
  2. SP SSO Endpoint: <your subdomain>
  3. SP Login URL: <your subdomain>

Map Claim Attributes

Identity Assertions to Loggly must contain the following information. Depending on your IDP software’s interface, these mappings may be configured on a separate page with a name like "data mapping" or "claim rules."

  1. Name ID
  2. lastname
  3. firstname
  4. emails
  5. groups

Name ID is a built-in SAML data type. Depending on your IDP interface, it may be specified separately from other attribute mappings. 

The other field names (2-5) must be provided exactly as they appear here. In most IDP software packages, these must be entered as custom field mappings, even if they appear to match a dropdown options. (For example, an option labeled Email Addresses will not match "emails".)

When the APM Integrated Experience is enabled, Loggly shares a common navigation and enhanced feature set with the other integrated experiences' products. How you navigate Loggly and access its features may vary from these instructions. For more information, go to the APM Integrated Experience documentation.