All Apps and Add-ons
×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
Ask a Question

website mointoring

riqbal47010
Path Finder
‎11-10-2019 03:19 AM

Hi
we have two types of web portals. Internal and external. Internal are only for our employees and exteranals are for specific people to access from remote location.

In the status Overview Page,
for Internal Portal, the reponse is 401.

and for External Portal the response is "502"

alt text

from _internal logs:
index=_internal sourcetype="web_availability_modular_input" auth_type
alt text

Please support.

Tags (1)
Preview file
28 KB
Preview file
96 KB
0 Karma
Reply

arjunpkishore5
Motivator
‎11-10-2019 04:16 AM

For the external, make sure a firewall is not blocking connections. Typically, you would use a proxy to connect to external websites from within an organization

For internal, ensure you have the right authorization headers. Typically organizations have LDAP or SAML authentication set up. This might be blocking your requests since the system is unable to authorize you.

Since I have no idea how your systems are setup, not sure if I can help beyond the above guesses.

0 Karma
Reply

riqbal47010
Path Finder
‎11-10-2019 05:00 AM

HI
thanks for your response.

when I put the full URL for external the response goes green with code=20

we are using LDAP authentication and I am pretty sure that it is the basic cause for blocking the request. can you please share the step for LDAP authorization. .
I used curl command with proxy and user credentaill but still using the error code 401

0 Karma
Reply

arjunpkishore5
Motivator
‎11-10-2019 02:54 PM

You'll have to check with the LDAP admin on the type of authentication headers needed. With curl, you can try some of the available methods to figure out - https://ec.haxx.se/http-auth.html

0 Karma
Reply

riqbal47010
Path Finder
‎11-10-2019 09:54 PM

sorry I lost in between.

As per AD admin we are using kerberos authentication whereas I link the available authentication methods are digest,negotiate and ntlm.

beside this how can we fix this issue from app side.

0 Karma
Reply
Got questions? Get answers!

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Meet up IRL or virtually!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

Get Updates on the Splunk Community!

Event Series: Splunk Observability Metrics Cost Optimization

Balancing Scale and Spend: Gaining Control Over High-Volume Metrics in Splunk Observability Cloud As ...

Kick the Tires Before You Commit: A Hands-On Tour of the Splunk Observability Cloud ...

Evaluating an enterprise observability platform usually goes like this: fill out a form, get a free trial with ...

Deep insights, no barriers: Splunk Observability Cloud Free Edition

As software delivery cycles continue to accelerate, observability shouldn’t be a luxury — it should be a ...