Dashboards & Visualizations
Highlighted

Can I have a splunk link be externally accessed by clicking the link and have the username and password passed to it?

Motivator

Below is a link in a webpage. I am looking at having a link that the user will need a username and password to access. I plan to use a generic u/n and p/w as the security won't be an issue at this stage.

So the user will click the link and somehow the u/n and p/w will be passed and entered into the website and the user brought to the required page.

How do I go about achieving this? can I somehow include the un and pw in the html? do I need to use php or some other method?

<!DOCTYPE html>
<html>
<body>

<p><a href="https://splunk:8000/en-GB/app/app_name/dashboard1">dashboard1 </a></p>

</body>
</html>
0 Karma
Highlighted

Re: Can I have a splunk link be externally accessed by clicking the link and have the username and password passed to it?

Motivator

Wao! What a good idea ! But for the moment, a user always need to provide credentials to access splunk Enterprise home.
alt text

What you can do, is to just put the link to the dashboard, and the user will be prompted to enter the username and the password in the screen above. Once informations entered, he will be directly directed to the dashboard.

 <!DOCTYPE html>
 <html>
 <body>

 <p><a http://45.61.16.70:8000/en-US/app/Alerts_application/Ticket_newPage_Drilldown">dashboard1 </a></p>

 </body>
 </html>
0 Karma
Highlighted

Re: Can I have a splunk link be externally accessed by clicking the link and have the username and password passed to it?

Communicator

The other thing you might consider is saving your dashboard panels as scheduled reports in Splunk and sharing them as iframes, no additional authentication required if you embed them at that point.

Highlighted

Re: Can I have a splunk link be externally accessed by clicking the link and have the username and password passed to it?

Yes, You can....
1.You have to implement a python script to give the user role/permission to splunk
2.Configure the splunk to ask that python file about the user details
Now launch your url.
Splunk will interact with that python method and user the user details returned

Please refer the below link
http://docs.splunk.com/Documentation/Splunk/6.2.2/Security/ConfigureSplunktousePAMorRADIUSauthentica...

0 Karma
Highlighted

Re: Can I have a splunk link be externally accessed by clicking the link and have the username and password passed to it?

Motivator

sorry but could you elaborate on that more? I have tried reading all that and still do not fully get how it can be done.

0 Karma
Highlighted

Re: Can I have a splunk link be externally accessed by clicking the link and have the username and password passed to it?

Set up user authentication with external systems helps you to write your own authentication mechanism to splunk..
If you configured your authentication.conf for scripted authentication
[authentication]
authType = Scripted
authSettings = script

[script]
scriptPath = $SPLUNKHOME/bin/python $SPLUNKHOME/bin/

Splunk will not use its own authentication mechanism. Instead it will interact with your python file to authenticate a user and roles.

You must implement the following method in your python file...
userLogin
getUserInfo
getUsers
getSearchFilter

Check this page for sample script creation :
http://docs.splunk.com/Documentation/Splunk/6.2.2/Security/Createtheauthenticationscript

0 Karma
Highlighted

Re: Can I have a splunk link be externally accessed by clicking the link and have the username and password passed to it?

Influencer

Perhaps you could explain more of your thought process on how changing the source of truth of which users and roles are available to Splunk would enable a seamless transition from a 3rd party site to a dashboard within Splunk? (Knowing that there are already configured users who would likely need to maintain their permissions).

0 Karma
Highlighted

Re: Can I have a splunk link be externally accessed by clicking the link and have the username and password passed to it?

httP://....:8000/splunkApp/account/insecurelogin?username=USERNAME&password=PASSWDreturn_to=%2Fdebug%2Frefresh*

return_to -> Page/view that should be displayed

Above is the way to pass the userName and Password for a HTTP GET request in splunk. You have to enable enableinsecurelogin option in web.conf refer Here

You can simply pass a valid username/password to that url and load it in a iFrame. But that will expose the user name and password. So i suggest the above "External Authentication stuff".......

0 Karma
Highlighted

Re: Can I have a splunk link be externally accessed by clicking the link and have the username and password passed to it?

Influencer

The solution that you're proposing that applies to the problem at hand therefore is enableinsecurelogin. Where the username and password comes from isn't really part of the problem (you can easily make a user in whatever other backing store that you have, you will still expose the username and password for this user using the "enableinsecurelogin" method, and this user and password would be valid for the web and as well as for the insecure login). But since you bring it up, know that enabling scripted authentication to create your faked user/password will only work if you're managing all real users as Splunk users (none of which have the same username as your scripted user). If you're using LDAP you have a problem because you cannot have both LDAP and Scripted auth active at the same time. If you're using Scripted already, you cannot use two scripts at the same time. It'd be easier to just create a stub user in Splunk and map that to the appropriate role(s) if you chose to go this route.

0 Karma
Highlighted

Re: Can I have a splunk link be externally accessed by clicking the link and have the username and password passed to it?

Yes I agree...

I thought the parent screen/App (i.e. the screen to which a splunk is going to be included) is having some authentication mechanism. So when you load the splunk page inside some page which is pre-authenticated .. You can implement your script to interact with that parent app for user validation...

i.e :
1. Authenticate your user within your app
2. Load the splunk inside you app's iframe
3. Implement the splunk's script to interact with your app's REST or some http endpoint to vaidate the user.
4. Validate the user details in your app. (User name maybe a dynamic value stored inside the session of the app)
5. If it is valid proceed...
or just leave it 🙂

0 Karma
Speak Up for Splunk Careers!

We want to better understand the impact Splunk experience and expertise has has on individuals' careers, and help highlight the growing demand for Splunk skills.