Dashboards & Visualizations
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

How to change the default local for the web UI

ByteFlinger
Engager
‎10-10-2017 12:33 AM

From the little documentation I can find, it seems that Splunk Search head Web UI will attempt to use the locale configure in your browser.

I am in an european country which language is not supported in Splunk so the UI keeps defaulting to en_US.

How do I tell Splunk to default to en_GB (Or one of the other support Splunk languages) so we get more sensible timestamps in the UI?

I am looking for a "proper" solution (A simple configuration somewhere) and NOT having to manually change the URL address in the browser nor have to hack python files which may break on upgrades.

0 Karma
Reply

sbbadri
Motivator
‎10-10-2017 07:06 AM

@ByteFlinger

Please check below splunk answer it might help you,
https://answers.splunk.com/answers/10265/change-default-web-ui-locale.html
https://docs.splunk.com/Documentation/SplunkCloud/6.6.3/AdvancedDev/TranslateSplunk
or

go to this location,
$SPLUNK_HOME$/lib/python2.7/site-packages/splunk/appserver/mrsparkle/locale

1) make sure en_GB is present.
2) tar en_US
3) Delete en_US

0 Karma
Reply

Lucas_K
Motivator
‎10-17-2017 06:16 PM

Deletion of the en_US dir breaks the splunk ui. There must be some other dependency that the UI requires from the en_US directory.

"Error connecting: Connection refused"

0 Karma
Reply

cpetterborg
SplunkTrust
SplunkTrust
‎10-10-2017 03:24 AM

According to the documentation:

https://docs.splunk.com/Documentation/Splunk/7.0.0/Admin/Userlanguageandlocale

It is browser specified, which makes it difficult for you, since that would break other things for you. And since the override method of changing the URL is not what you are looking for, you may be out of luck for a simple solution.

Have thought about using a "vanity URL" that redirects from a simple URL to the one that you want? It should do what you want in all other aspects. So you set up splunk.mybiz.se to point to splunk.mybiz.se:8000/en_GB. We use nginx to redirect our Splunk access through to the 8000 port, and I don't see any reason that you could not do the same thing in this case.

0 Karma
Reply

ByteFlinger
Engager
‎10-10-2017 06:52 AM

If we had an nginx sure however we go directly to the search head as we only have one. Thanks for the answer, it sounds strange that there is no way to change this as clearly my browser is not reporting en-US

0 Karma
Reply

cpetterborg
SplunkTrust
SplunkTrust
‎10-10-2017 07:14 AM

You should be able to run nginx on the same server and have it only answer on port 80, which Splunk doesn't normally answer on anyway. If you ever have more than one SH, it would come in handy for load balancing anyway.

0 Karma
Reply
Get Updates on the Splunk Community!

Get Inspired! We’ve Got Validation that Your Hard Work is Paying Off

We love our Splunk Community and want you to feel inspired by all your hard work! Eric Fusilero, our VP of ...

What's New in Splunk Enterprise 9.4: Features to Power Your Digital Resilience

Hey Splunky People! We are excited to share the latest updates in Splunk Enterprise 9.4. In this release we ...

Take Your Breath Away with Splunk Risk-Based Alerting (RBA)

WATCH NOW!The Splunk Guide to Risk-Based Alerting is here to empower your SOC like never before. Join Haylee ...