Related Documentation |
Version of up.time affected |
Affected Platforms |
up.time Configuration Parameters
|
up.time 5.x |
All |
If you are using the Splunk IT search engine with up.time, you can click the Splunk icon that appears beside the names of services that are in WARN or CRIT states to check the Splunk logs for information about the outage. However, you will find that every time users click the Splunk icon after closing their browsers or connecting to the monitoring station from another computer, they must enter a user name and password to access Splunk.
However, the Splunk administrator can configure Splunk to enable automatic logins from up.time. The configuration required depends on the version of Splunk being used.
NOTE: The user name and password sent to Splunk will not be encrypted.
Enabling automatic logins with Splunk v2.x
- Login to the Splunk server at the command line.
- Find the
XMLResource.py
file (location depends on your Splunk version). For example, in Splunk 2.x, this file can be found in the following location:
$SPLUNK_HOME/lib/python2.4/site-packages/splunk/search/XMLResource.py
Where $SPLUNK_HOME
is the directory in which Splunk is installed (e.g. /opt/splunk/).
- Make a backup copy of the
XMLResource.py
file.
- Open
XMLResource.py
in a text editor and find the following block of text:
def render_GET(self, request) :
# backdoor so scripts can auto-login just with a GET request instead of having to craft a proper HTTP POST. Doesnt help said script keep track of the cookie, which is the hard part.
#if (?usr? in request.args) and (?pwd? in request.args) :
# return self.render_POST(request)
logger.debug(?LoginResource.render_GET?)
sessNS = request.getSession().sessionNamespaces
- If you are using Splunk 2.x, replace the commented lines that start with
if
and return
with this code (replace the hyphens with spaces; tabbing in python code is important).
--------if ("usr" in request.args) and ("pwd" in request.args) :
------------logger.info("user is attempting login on GET")
------------sessNS = request.getSession().sessionNamespaces
------------if ("cannotConnectToSplunkd" not in sessNS and "error" not in sessNS) :
----------------if ("q" in request.args) :
--------------------logger.info("user attempting login on GET is requesting redirection to a permalink")
--------------------sessNS["postLoginRedirect"] = "/?q=" + request.args["q"][0]
----------------return self.render_POST(request)
- Save the file and edit the text editor.
- Restart Splunk using the
restartss
command.
- On the up.time Monitoring Station, go to the up.time Configuration panel, then add and configure the following Splunk settings:
splunk.url=http://splunkserver:8000
splunk.username=admin
splunk.password=admin
splunk.soapurl=https://splunkserver:8089
- Change the values for
splunk.username
and splunk.password
to the user name and password required to login to Splunk.
- Click Update.
Enabling automatic logins with Splunk v3.2 to 3.4
- Login to the Splunk server at the command line.
- Find the
XMLResource.py
file (location depends on your Splunk version).
- Make a backup copy of the
XMLResource.py
file.
- Open
XMLResource.py
in a text editor, and find the following block of text:
def render_GET(self, request) :
# backdoor so scripts can auto-login just with a GET request instead of having to craft a proper HTTP POST. Doesnt help said script keep track of the cookie, which is the hard part.
#if (?usr? in request.args) and (?pwd? in request.args) :
# return self.render_POST(request)
logger.debug(?LoginResource.render_GET?)
sessNS = request.getSession().sessionNamespaces
- If you are using Splunk 3.2 to 3.4.x, replace the commented lines that start with
if
and return
with this code (replace the hyphens with spaces; tabbing in python code is important).
--------if ("usr" in request.args) and ("pwd" in request.args) :
------------logger.info("user is attempting login on GET")
------------sessNS = request.getSession().sessionNamespaces
------------if ("cannotConnectToSplunkd" not in sessNS and "error" not in sessNS) :
----------------if ("q" in request.args) :
--------------------logger.info("user attempting login on GET is requesting redirection to a permalink")
--------------------request.args["return"] = ["/?q=" + request.args["q"][0]]
----------------return self.render_POST(request)
- Save the file and edit the text editor.
- Restart Splunk using the
restartss
command.
- On the up.time Monitoring Station, go to the up.time Configuration panel, then add and configure the following Splunk settings:
splunk.url=http://splunkserver:8000
splunk.username=admin
splunk.password=admin
splunk.soapurl=https://splunkserver:8089
- Change the values for
splunk.username
and splunk.password
to the user name and password required to login to Splunk.
- Click Update.
Enabling automatic logins with Splunk v4.0/4.1
- On the Splunk server, create a file named
web.conf
in the $SPLUNK_HOME$/etc/system/local/
directory.
- Open
web.conf
in a text editor, and add the following two lines:
[settings]
enable_insecure_login = true
- Restart Splunk using the
splunk restart
command, found in $SPLUNKHOME/bin/.
- On the up.time Monitoring Station, go to the up.time Configuration panel, then add and configure the following Splunk settings:
splunk.url=http://splunkserver:8000
splunk.username=admin
splunk.password=admin
splunk.soapurl=https://splunkserver:8089
- Change the values for
splunk.username
and splunk.password
to the user name and password required to login to Splunk.
- Click Update.