Dashboards & Visualizations
×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
Ask a Question
Solved! Jump to solution

Javascript SDK visualizations without putting credentials in code?

csharp_splunk
Splunk Employee
Splunk Employee
‎02-11-2012 03:14 PM

What isn't immediately apparent from looking at the Javascript SDK web examples are how to enable things like the Timeline and Charting views in your own application without distributing Splunk login credentials in code? Does anyone have a good idea on the best method of accomplishing this? I've thought of a proxying the connections to the Splunk server and trapping for login events and overriding credentials in the proxy, but that seems excessive.

Seems like there should be some way of tokenizing login so a publicly accessible web application could access data in Splunk without having to deal with credentials. OAuth support maybe in the future?

Tags (2)
Reply
1 Solution
Solved! Jump to solution
Solution

ineeman
Splunk Employee
Splunk Employee
‎02-13-2012 01:52 PM

Greg's answer is pretty accurate. I'm the developer of the JS SDK - I'll sum up the options that I see for what you want to do:

  1. Hard-code the values in the JS code. You can make it with a public account with limited access, as Greg suggested.
  2. Have a secondary server (say, your website server) do the login for you, and simply pass down the session key, which you can use without a username and password. That way the username/password credentials are only in the back-end.
  3. Have a proxy between you and Splunk that will take all calls to Splunk and simply add in the username/password information.
  4. Have the user supply you with credentials (e.g. their Splunk credentials), assuming that they have one.

Let me know if any of these options don't make sense or you need any help with one of them. You can get in touch with my team at devinfo@splunk.com.

View solution in original post

Reply
Solved! Jump to solution
Solution

ineeman
Splunk Employee
Splunk Employee
‎02-13-2012 01:52 PM

Greg's answer is pretty accurate. I'm the developer of the JS SDK - I'll sum up the options that I see for what you want to do:

  1. Hard-code the values in the JS code. You can make it with a public account with limited access, as Greg suggested.
  2. Have a secondary server (say, your website server) do the login for you, and simply pass down the session key, which you can use without a username and password. That way the username/password credentials are only in the back-end.
  3. Have a proxy between you and Splunk that will take all calls to Splunk and simply add in the username/password information.
  4. Have the user supply you with credentials (e.g. their Splunk credentials), assuming that they have one.

Let me know if any of these options don't make sense or you need any help with one of them. You can get in touch with my team at devinfo@splunk.com.

Reply
Solved! Jump to solution

gkanapathy
Splunk Employee
Splunk Employee
‎02-11-2012 07:50 PM

It's probably easiest for now to just create a public account and code the credentials. it's probably possible in theory to leverage the Splunk SSO functionality to authenticate w/o providing a password, but it's probably a bit involved and would require setting up a dedicated search head instance and configuration for each client, which means, yes, you'll have to have some kind of application server or proxy in place if you're going to have make the javascript calls straight from the browser.

Reply
Got questions? Get answers!

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Meet up IRL or virtually!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

Get Updates on the Splunk Community!

Observability Simplified: Combining User Experience, Application Performance & ...

Tech Talk Observability Simplified: Combining User Experience, Application Performance & Network ...

Event Series May & June: From Network Visibility to Service Intelligence

Unifying the Network: Moving from Alert Noise to Service Intelligence with Splunk ITSI In today’s hybrid ...

Global Splunk User Group Events: May + June 2026

Your Splunk Community Awaits: Discover Upcoming User Group Events Worldwide    Staying ahead in the fast-paced ...