Outage in Splunk Observability Cloud JP0

Splunk customers using Splunk Unified Identity on v9.3.2411.117 might face issues logging into Splunk Observability Cloud

Major
October 01, 2025 - Started 3 days ago
Official incident page

Need to monitor Splunk Observability Cloud JP0 outages?
Stay on top of outages with IsDown. Monitor the official status pages of all your vendors, SaaS, and tools, including Splunk Observability Cloud JP0, and never miss an outage again.
Start Free Trial

Outage Details

Splunk has identified a bug affecting all Unified Identity customers using Splunk Cloud version 9.3.2411.117 as their identity provider. Customers might be experiencing an inability to log in to Observability Cloud using the "Sign in via Splunk Cloud" workflow. The Splunk Cloud team is actively working on a solution, and the issue will be fully resolved once a patched version is released. The following workaround can be used by Customers using Unified Identity (without Centralized RBAC) until a patched version is released by the Splunk team 1. Customers using Unified Identity (without Centralized RBAC) can create a support case to have a set of users allow-listed for local login. 2. Once the users are allow-listed, the users will be able to login 3. After the patched version is released, the allowlist will be cleaned up There is no workaround for customers using Unified Identity (with Centralized RBAC) yet.
Latest Updates ( sorted recent to last )
IDENTIFIED 2 days ago - at 10/02/2025 06:27PM

The issue has been identified and a fix is being implemented. The expected ETA is Oct 3 (Friday) by 5 PM Pacific

INVESTIGATING 3 days ago - at 10/01/2025 05:03PM

Splunk has identified a bug affecting all Unified Identity customers using Splunk Cloud version 9.3.2411.117 as their identity provider. Customers might be experiencing an inability to log in to Observability Cloud using the "Sign in via Splunk Cloud" workflow. The Splunk Cloud team is actively working on a solution, and the issue will be fully resolved once a patched version is released.

The following workaround can be used by Customers using Unified Identity (without Centralized RBAC) until a patched version is released by the Splunk team

1. Customers using Unified Identity (without Centralized RBAC) can create a support case to have a set of users allow-listed for local login.
2. Once the users are allow-listed, the users will be able to login
3. After the patched version is released, the allowlist will be cleaned up

There is no workaround for customers using Unified Identity (with Centralized RBAC) yet.

Be the First to Know When Vendors Go Down

With IsDown, you can monitor all your critical services' official status pages from one centralized dashboard and receive instant alerts the moment an outage is detected. Say goodbye to constantly checking multiple sites for updates and stay ahead of outages with IsDown.

Start free trial

No credit card required · Cancel anytime · 4484 services available

Integrations with Slack Microsoft Teams Google Chat Datadog PagerDuty Zapier Discord Webhook