TIPS & TRICKS

quick way to allow you to autologin and run a search from a single link

This is a quick update to Mark’s post from 10/9/2006

Again, to reiterate Mark’s qualifier – this is all assuming you understand that by doing this, you send users and passwords in clear text and the risks involved.

So, uncommenting the 2 lines as described in Mark’s post will only get you the first part, ie the ability to send a GET request that logs you in. We’ve had people ask if that request can go further and also return results right away for a particular search they also pass in. Obvious request but somehow we didnt anticipate it.

So until we wrap this feature up in a bow in a release, once again this involves editing python by hand. And this time it’s more than just uncommenting two lines. It’s cut and paste, and if you know python you know that tab-indentation is meaningful, and this seemingly simple action can be deadly. You have been warned. Back up the file and proceed carefully.

Alrighty, still with us? =) Find the 2 lines that Mark blogs about uncommenting. (this will be XMLResource.py, line 395 – 400 ish depending on which 2.1 release this is)

Now replace those two lines with these lines below. NOTE: REPLACE HYPHENS WITH SPACES. wordpress seems to insist on removing leading spaces.

--------if ("usr" in request.args) and ("pwd" in request.args) :
------------logger.info("user is attempting login on GET")
------------if ("q" in request.args) :
----------------logger.info("user attempting login on GET is requesting redirection to a permalink")
----------------sessNS = request.getSession().sessionNamespaces
----------------sessNS["postLoginRedirect"] = "/?q=" + request.args["q"][0]
------------return self.render_POST(request)

now restart the python front end using splunk restartss (a full splunk restart is not necessary)
And now you’ll have the ability to embed URL’s like this in the webapp of your choice

http://your.host/login?usr=username&pwd=password&q=interestingTerm1%20interestingTerm2

UPDATE——

as pointed out in the first comment (thanks!!) the above snippet will happily fall into a recursive loop if the auth information it’s given is incorrect. New improved version below: (AGAIN, REPLACE LEADING HYPHENS WITH SPACES)

--------if ("usr" in request.args) and ("pwd" in request.args) :
------------logger.info("user is attempting login on GET")
------------sessNS = request.getSession().sessionNamespaces
------------if ("cannotConnectToSplunkd" not in sessNS and "error" not in sessNS) :
----------------if ("q" in request.args) :
--------------------logger.info("user attempting login on GET is requesting redirection to a permalink")
--------------------sessNS["postLoginRedirect"] = "/?q=" + request.args["q"][0]
----------------return self.render_POST(request)
Splunk
Posted by

Splunk