article Enabling Automatic Logins with Splunk

Related Documentation Version of up.time affected Affected Platforms
up.time Configuration Parameters
up.time 5.x All

If you are using the Splunk IT search engine with up.time, you can click the Splunk icon that appears beside the names of services that are in WARN or CRIT states to check the Splunk logs for information about the outage. However, you will find that every time users click the Splunk icon after closing their browsers or connecting to the monitoring station from another computer, they must enter a user name and password to access Splunk.

However, the Splunk administrator can configure Splunk to enable automatic logins from up.time. The configuration required depends on the version of Splunk being used.

NOTE: The user name and password sent to Splunk will not be encrypted.


Enabling automatic logins with Splunk v2.x

  1. Login to the Splunk server at the command line.
  2. Find the XMLResource.py file (location depends on your Splunk version). For example, in Splunk 2.x, this file can be found in the following location:
    $SPLUNK_HOME/lib/python2.4/site-packages/splunk/search/XMLResource.py

    Where $SPLUNK_HOME is the directory in which Splunk is installed (e.g. /opt/splunk/).

  3. Make a backup copy of the XMLResource.py file.
  4. Open XMLResource.py in a text editor and find the following block of text:
    def render_GET(self, request) :
    # backdoor so scripts can auto-login just with a GET request instead of having to craft a proper HTTP POST. Doesnt help said script keep track of the cookie, which is the hard part.
    #if (?usr? in request.args) and (?pwd? in request.args) :
    # return self.render_POST(request)
    logger.debug(?LoginResource.render_GET?)
    sessNS = request.getSession().sessionNamespaces
    
  5. If you are using Splunk 2.x, replace the commented lines that start with if and return with this code (replace the hyphens with spaces; tabbing in python code is important).
    --------if ("usr" in request.args) and ("pwd" in request.args) :
    ------------logger.info("user is attempting login on GET")
    ------------sessNS = request.getSession().sessionNamespaces
    ------------if ("cannotConnectToSplunkd" not in sessNS and "error" not in sessNS) :
    ----------------if ("q" in request.args) :
    --------------------logger.info("user attempting login on GET is requesting redirection to a permalink")
    --------------------sessNS["postLoginRedirect"] = "/?q=" + request.args["q"][0]
    ----------------return self.render_POST(request)
    
  6. Save the file and edit the text editor.
  7. Restart Splunk using the restartss command.
  8. On the up.time Monitoring Station, go to the up.time Configuration panel, then add and configure the following Splunk settings:
  9. splunk.url=http://splunkserver:8000
    splunk.username=admin
    splunk.password=admin
    splunk.soapurl=https://splunkserver:8089
    
  10. Change the values for splunk.username and splunk.password to the user name and password required to login to Splunk.
  11. Click Update.

Enabling automatic logins with Splunk v3.2 to 3.4

  1. Login to the Splunk server at the command line.
  2. Find the XMLResource.py file (location depends on your Splunk version).
  3. Make a backup copy of the XMLResource.py file.
  4. Open XMLResource.py in a text editor, and find the following block of text:
    def render_GET(self, request) :
    # backdoor so scripts can auto-login just with a GET request instead of having to craft a proper HTTP POST. Doesnt help said script keep track of the cookie, which is the hard part.
    #if (?usr? in request.args) and (?pwd? in request.args) :
    # return self.render_POST(request)
    logger.debug(?LoginResource.render_GET?)
    sessNS = request.getSession().sessionNamespaces
    
  5. If you are using Splunk 3.2 to 3.4.x, replace the commented lines that start with if and return with this code (replace the hyphens with spaces; tabbing in python code is important).
    --------if ("usr" in request.args) and ("pwd" in request.args) :
    ------------logger.info("user is attempting login on GET")
    ------------sessNS = request.getSession().sessionNamespaces
    ------------if ("cannotConnectToSplunkd" not in sessNS and "error" not in sessNS) :
    ----------------if ("q" in request.args) :
    --------------------logger.info("user attempting login on GET is requesting redirection to a permalink")
    --------------------request.args["return"] = ["/?q=" + request.args["q"][0]]
    ----------------return self.render_POST(request)
    
  6. Save the file and edit the text editor.
  7. Restart Splunk using the restartss command.
  8. On the up.time Monitoring Station, go to the up.time Configuration panel, then add and configure the following Splunk settings:
  9. splunk.url=http://splunkserver:8000
    splunk.username=admin
    splunk.password=admin
    splunk.soapurl=https://splunkserver:8089
    
  10. Change the values for splunk.username and splunk.password to the user name and password required to login to Splunk.
  11. Click Update.

Enabling automatic logins with Splunk v4.0/4.1

  1. On the Splunk server, create a file named web.conf in the $SPLUNK_HOME$/etc/system/local/ directory.
  2. Open web.conf in a text editor, and add the following two lines:
    [settings]
    enable_insecure_login = true
    
  3. Restart Splunk using the splunk restart command, found in $SPLUNKHOME/bin/.
  4. On the up.time Monitoring Station, go to the up.time Configuration panel, then add and configure the following Splunk settings:
  5. splunk.url=http://splunkserver:8000
    splunk.username=admin
    splunk.password=admin
    splunk.soapurl=https://splunkserver:8089
    
  6. Change the values for splunk.username and splunk.password to the user name and password required to login to Splunk.
  7. Click Update.

Related Articles


How do I configure automatic recovery actions?

RatingViews
article

up.time can perform recovery actions when a service monitor goes critical. This is done with action profiles. Action Profiles are templates that tell up.time what action to take when a monitor...

By: uptime Support | Date Created: 1-30-2009 | Last Modified: 8-25-2011 | Index: 350

  4341

Enabling the IBM WebSphere service monitor

RatingViews
article

Before up.time can monitor a WebSphere server, you need to deploy the WebSphere performance servlet.

By: uptime Support | Date Created: 10-2-2006 | Last Modified: 7-29-2011 | Index: 096

  13207

Enabling the BEA WebLogic service monitor

RatingViews
article

To monitor a WebLogic server with up.time, first deploy the weblogic.jar file on the monitoring station.

By: uptime Support | Date Created: 10-2-2006 | Last Modified: 7-28-2011 | Index: 095

  6002

Enabling a UI-only up.time instance

RatingViews
article

To force up.time to run only with the user interface and skip all data collection tasks add this line to your /uptime.conf and then restart the up.time data collector core service....

By: uptime Support | Date Created: 12-31-1969 | Last Modified: 9-1-2011 | Index: 270

  2676

Automatically restarting a Windows service

RatingViews
article

Use an up.time action profile to automatically restart a stopped Windows service.

By: uptime Support | Date Created: 12-12-2006 | Last Modified: 7-28-2011 | Index: 105

  8515

User Comments



No comments have been posted.

Copyright © 2021 IDERA, Inc.   Legal   Privacy Statement