Dashboards & Visualizations

Embed an external webpage with login to splunk dashboard

meenu_2017
Engager

I'm checking to see if i can embed an external web page which requires a login to the splunk dashboard.
I'm able to add the web page to a panel using iframe, but it is not letting me log in. Any idea what might be happening?
I otherwise have access to the external website.

Labels (1)
0 Karma
1 Solution

DavidHourani
Super Champion

Hi @meenu_2017,

On the iframe subject, which browser are you using ? Have you tried running the same page on a different browser ?

Could be a security feature on the client side blocking your access. It could also be from the server side .. harder to bypass if you're not managing the website.

iframe could be a risk for clickjacking and here are the security methods commonly used :
Client-side methods – the most common is called Frame Busting. Client-side methods can be effective in some cases, but are considered not to be a best practice, because they can be easily bypassed.
Server-side methods – the most common is X-Frame-Options. Server-side methods are recommended by security experts as an effective way to defend against clickjacking.

If embedding a website on your webpage can be bypassed then it's probably better to simply add a link to your website somewhere on the page .

Cheers,
David

View solution in original post

0 Karma

DavidHourani
Super Champion

Hi @meenu_2017,

On the iframe subject, which browser are you using ? Have you tried running the same page on a different browser ?

Could be a security feature on the client side blocking your access. It could also be from the server side .. harder to bypass if you're not managing the website.

iframe could be a risk for clickjacking and here are the security methods commonly used :
Client-side methods – the most common is called Frame Busting. Client-side methods can be effective in some cases, but are considered not to be a best practice, because they can be easily bypassed.
Server-side methods – the most common is X-Frame-Options. Server-side methods are recommended by security experts as an effective way to defend against clickjacking.

If embedding a website on your webpage can be bypassed then it's probably better to simply add a link to your website somewhere on the page .

Cheers,
David

0 Karma

meenu_2017
Engager

To answer your question,David I did try on a different browser and didnot work there either. So i think its a security feature for the website.
But thanks for the details.

[Updated the comment for clarity]

0 Karma

DavidHourani
Super Champion

Great to hear !

0 Karma
Get Updates on the Splunk Community!

.conf24 | Day 0

Hello Splunk Community! My name is Chris, and I'm based in Canberra, Australia's capital, and I travelled for ...

Enhance Security Visibility with Splunk Enterprise Security 7.1 through Threat ...

(view in My Videos)Struggling with alert fatigue, lack of context, and prioritization around security ...

Troubleshooting the OpenTelemetry Collector

  In this tech talk, you’ll learn how to troubleshoot the OpenTelemetry collector - from checking the ...