Outage in Splunk Observability Cloud JP0

Splunk customers using Splunk Unified Identity on v9.3.2411.117 might face issues logging into Splunk Observability Cloud

Resolved Major
October 01, 2025 - Started 26 days ago - Lasted 7 days
Official incident page

Incident Report

Splunk has identified a bug affecting all Unified Identity customers using Splunk Cloud version 9.3.2411.117 as their identity provider. Customers might be experiencing an inability to log in to Observability Cloud using the "Sign in via Splunk Cloud" workflow. The Splunk Cloud team is actively working on a solution, and the issue will be fully resolved once a patched version is released. The following workaround can be used by Customers using Unified Identity (without Centralized RBAC) until a patched version is released by the Splunk team 1. Customers using Unified Identity (without Centralized RBAC) can create a support case to have a set of users allow-listed for local login. 2. Once the users are allow-listed, the users will be able to login 3. After the patched version is released, the allowlist will be cleaned up There is no workaround for customers using Unified Identity (with Centralized RBAC) yet.

Need to monitor Splunk Observability Cloud JP0 outages?

One place to monitor all your cloud vendors. Get instant alerts when an outage is detected.

Try IsDown risk-free 14-day free trial · No credit card required
Latest Updates ( sorted recent to last )
RESOLVED 19 days ago - at 10/08/2025 04:38PM

This incident has been resolved.

IDENTIFIED 25 days ago - at 10/02/2025 06:27PM

The issue has been identified and a fix is being implemented. The expected ETA is Oct 3 (Friday) by 5 PM Pacific

INVESTIGATING 26 days ago - at 10/01/2025 05:03PM

Splunk has identified a bug affecting all Unified Identity customers using Splunk Cloud version 9.3.2411.117 as their identity provider. Customers might be experiencing an inability to log in to Observability Cloud using the "Sign in via Splunk Cloud" workflow. The Splunk Cloud team is actively working on a solution, and the issue will be fully resolved once a patched version is released.

The following workaround can be used by Customers using Unified Identity (without Centralized RBAC) until a patched version is released by the Splunk team

1. Customers using Unified Identity (without Centralized RBAC) can create a support case to have a set of users allow-listed for local login.
2. Once the users are allow-listed, the users will be able to login
3. After the patched version is released, the allowlist will be cleaned up

There is no workaround for customers using Unified Identity (with Centralized RBAC) yet.

Latest Splunk Observability Cloud JP0 outages

Intermittent errors while saving Charts and Dashboard on UI - 10 days ago
Elevated Error Rate from the Splunk APM API - 2 months ago
Elevated Error Rate from the Splunk APM API - 2 months ago
Corrupted Session Replay data - 4 months ago
Splunk Observability Synthetic Monitoring tests unavailable - 5 months ago

The Status Page Aggregator Built for IT Teams

With IsDown, you can monitor all your critical services' official status pages from one centralized dashboard and receive instant alerts the moment an outage is detected. Say goodbye to constantly checking multiple sites for updates and stay ahead of outages with IsDown.

Start free trial

No credit card required · Cancel anytime · 4522 services available

Integrations with Slack Microsoft Teams Google Chat Datadog PagerDuty Zapier Discord Webhook