Outage in Splunk Observability Cloud JP0
Splunk customers using Splunk Unified Identity on v9.3.2411.117 might face issues logging into Splunk Observability Cloud
Major
October 01, 2025 - Started 3 days ago
Official incident page
Official incident page
Need to monitor Splunk Observability Cloud JP0 outages?
Stay on top of outages with IsDown. Monitor the official status pages of all your vendors, SaaS, and tools, including Splunk Observability Cloud JP0, and never miss an outage again.
Start Free Trial
Outage Details
Splunk has identified a bug affecting all Unified Identity customers using Splunk Cloud version 9.3.2411.117 as their identity provider. Customers might be experiencing an inability to log in to Observability Cloud using the "Sign in via Splunk Cloud" workflow. The Splunk Cloud team is actively working on a solution, and the issue will be fully resolved once a patched version is released.
The following workaround can be used by Customers using Unified Identity (without Centralized RBAC) until a patched version is released by the Splunk team
1. Customers using Unified Identity (without Centralized RBAC) can create a support case to have a set of users allow-listed for local login.
2. Once the users are allow-listed, the users will be able to login
3. After the patched version is released, the allowlist will be cleaned up
There is no workaround for customers using Unified Identity (with Centralized RBAC) yet.
Latest Updates ( sorted recent to last )
IDENTIFIED
2 days ago - at 10/02/2025 06:27PM
The issue has been identified and a fix is being implemented. The expected ETA is Oct 3 (Friday) by 5 PM Pacific
INVESTIGATING
3 days ago - at 10/01/2025 05:03PM
Splunk has identified a bug affecting all Unified Identity customers using Splunk Cloud version 9.3.2411.117 as their identity provider. Customers might be experiencing an inability to log in to Observability Cloud using the "Sign in via Splunk Cloud" workflow. The Splunk Cloud team is actively working on a solution, and the issue will be fully resolved once a patched version is released.
The following workaround can be used by Customers using Unified Identity (without Centralized RBAC) until a patched version is released by the Splunk team
1. Customers using Unified Identity (without Centralized RBAC) can create a support case to have a set of users allow-listed for local login.
2. Once the users are allow-listed, the users will be able to login
3. After the patched version is released, the allowlist will be cleaned up
There is no workaround for customers using Unified Identity (with Centralized RBAC) yet.
Latest Splunk Observability Cloud JP0 outages
Elevated Error Rate from the Splunk APM API - about 1 month ago
Elevated Error Rate from the Splunk APM API - about 2 months ago
Corrupted Session Replay data - 3 months ago
Splunk Observability Synthetic Monitoring tests unavailable - 4 months ago
Be the First to Know When Vendors Go Down
With IsDown, you can monitor all your critical services' official status pages from one centralized dashboard and receive instant alerts the moment an outage is detected. Say goodbye to constantly checking multiple sites for updates and stay ahead of outages with IsDown.
Start free trialNo credit card required · Cancel anytime · 4484 services available
Integrations with
