Digital Resilience Pays Off
Download this e-book to learn about the role of Digital Resilience across enterprises.
This is a quick update to Mark’s post from 10/9/2006
Again, to reiterate Mark’s qualifier – this is all assuming you understand that by doing this, you send users and passwords in clear text and the risks involved.
So, uncommenting the 2 lines as described in Mark’s post will only get you the first part, ie the ability to send a GET request that logs you in. We’ve had people ask if that request can go further and also return results right away for a particular search they also pass in. Obvious request but somehow we didnt anticipate it.
So until we wrap this feature up in a bow in a release, once again this involves editing python by hand. And this time it’s more than just uncommenting two lines. It’s cut and paste, and if you know python you know that tab-indentation is meaningful, and this seemingly simple action can be deadly. You have been warned. Back up the file and proceed carefully.
Alrighty, still with us? =) Find the 2 lines that Mark blogs about uncommenting. (this will be XMLResource.py, line 395 – 400 ish depending on which 2.1 release this is)
Now replace those two lines with these lines below. NOTE: REPLACE HYPHENS WITH SPACES. wordpress seems to insist on removing leading spaces.
--------if ("usr" in request.args) and ("pwd" in request.args) : ------------logger.info("user is attempting login on GET") ------------if ("q" in request.args) : ----------------logger.info("user attempting login on GET is requesting redirection to a permalink") ----------------sessNS = request.getSession().sessionNamespaces ----------------sessNS["postLoginRedirect"] = "/?q=" + request.args["q"][0] ------------return self.render_POST(request)
now restart the python front end using splunk restartss (a full splunk restart is not necessary)
And now you’ll have the ability to embed URL’s like this in the webapp of your choice
http://your.host/login?usr=username&pwd=password&q=interestingTerm1%20interestingTerm2
UPDATE——
as pointed out in the first comment (thanks!!) the above snippet will happily fall into a recursive loop if the auth information it’s given is incorrect. New improved version below: (AGAIN, REPLACE LEADING HYPHENS WITH SPACES)
--------if ("usr" in request.args) and ("pwd" in request.args) : ------------logger.info("user is attempting login on GET") ------------sessNS = request.getSession().sessionNamespaces ------------if ("cannotConnectToSplunkd" not in sessNS and "error" not in sessNS) : ----------------if ("q" in request.args) : --------------------logger.info("user attempting login on GET is requesting redirection to a permalink") --------------------sessNS["postLoginRedirect"] = "/?q=" + request.args["q"][0] ----------------return self.render_POST(request)
The Splunk platform removes the barriers between data and action, empowering observability, IT and security teams to ensure their organizations are secure, resilient and innovative.
Founded in 2003, Splunk is a global company — with over 7,500 employees, Splunkers have received over 1,020 patents to date and availability in 21 regions around the world — and offers an open, extensible data platform that supports shared data across any environment so that all teams in an organization can get end-to-end visibility, with context, for every interaction and business process. Build a strong data foundation with Splunk.