Use Cases
Software Products MSPs Schools Development & Marketing DevOps Agencies Help Desk
 
Internet Status Blog Pricing Log In Try IsDown for free now

Outage in Splunk Observability Cloud EU0

SSO Authentication Issues with Azure Entra ID

Resolved Minor
January 21, 2026 - Started 6 days ago - Lasted 1 day
Official incident page

Incident Report

Starting at 03:12 AM Pacific Time, customers using Azure Entra ID for Single Sign-On (SSO) may be unable to log in to Splunk Observability. We are actively investigating now.

Need to monitor Splunk Observability Cloud EU0 outages?

  • Monitor all your external dependencies in one place
  • Get instant alerts when outages are detected
  • Be the first to know if service is down
  • Show real-time status on private or public status page
  • Keep your team informed
Start monitoring for free
Latest Updates ( sorted recent to last )
RESOLVED 5 days ago - at 01/22/2026 02:02PM

The issue has been identified and resolved.

IDENTIFIED 5 days ago - at 01/21/2026 11:41PM

We are continuing to investigate this issue. Please refer to the Workaround posted in our update from 15:50 UTC.

IDENTIFIED 5 days ago - at 01/21/2026 10:38PM

We are continuing to investigate this issue.

IDENTIFIED 5 days ago - at 01/21/2026 07:16PM

We are continuing to investigate this issue.

IDENTIFIED 5 days ago - at 01/21/2026 06:18PM

Our engineering teams continue investigating this service disruption in search of a permanent solution for the SSO Authentication issues. The workaround mentioned in our previous update remains as the best course of action to mitigate immediate impact.

IDENTIFIED 6 days ago - at 01/21/2026 03:50PM

We have identified a workaround that can help restore access while we continue investigating the root cause.

Workaround
Organizations with SSO enabled have a local administrator account that can sign in without SSO. Administrators can use this account to:

1. Sign in to Splunk Observability using email and password (local login)
2. Invite affected users to the organization
3. Enable invited users to sign in using email and password (local login) as a temporary alternative

We have validated this process internally and confirmed it is working as expected.

Next step
* If you need assistance applying this workaround, please contact Splunk Customer Support.

We will continue to monitor the situation and provide updates as additional information becomes available.

INVESTIGATING 6 days ago - at 01/21/2026 02:26PM

We are continuing to investigate this issue.

INVESTIGATING 6 days ago - at 01/21/2026 01:50PM

We are continuing to investigate this issue.

INVESTIGATING 6 days ago - at 01/21/2026 12:23PM

Starting at 03:12 AM Pacific Time, customers using Azure Entra ID for Single Sign-On (SSO) may be unable to log in to Splunk Observability. We are actively investigating now.

Latest Splunk Observability Cloud EU0 outages

Hosts Infra Navigator View may not be loading properly - 7 days ago
Users may have issues with login into Splunk Observability and Log Observer Connect using Splunk Unified Identity - 13 days ago
Some users are unable to login and authenticate. - 27 days ago
Splunk Observability Cloud API and Web Interface degraded - 2 months ago
Intermittent errors while saving Charts and Dashboard on UI - 3 months ago

The Status Page Aggregator with Early Outage Detection

With IsDown, you can monitor all your critical services' official status pages from one centralized dashboard and receive instant alerts the moment an outage is detected. Say goodbye to constantly checking multiple sites for updates and stay ahead of outages with IsDown.

Start free trial

No credit card required · Cancel anytime · 5450 services available

Integrations with Slack Microsoft Teams Google Chat Datadog PagerDuty Zapier Discord Webhook