Allowing users to log in with HTTP GET in 2.1x

I’ve had to field a few of these requests so here goes.

Assuming you understand that by doing this, you send users and passwords in clear text and the risks involved.

There is a way to do this through http GET, but it requires modifying a bit of python.

Edit line 395 of located in $SPLUNK_HOME/lib/python2.4/site-packages/splunk/search/

def render_GET(self, request) :
# backdoor so scripts can auto-login just with a GET request instead of having to craft a proper HTTP POST. Doesnt help said script keep track of the cookie, which is the hard part.
#if (”usr” in request.args) and (”pwd” in request.args) :
# return self.render_POST(request)
sessNS = request.getSession().sessionNamespaces

Uncomment out the if and return lines and restart splunk.

To log in, you would enter this URL

by Mark Cohen

Posted by


Join the Discussion