Deployment Architecture
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

How to rewrite url of search head to include domain?

rune_hellem
Contributor
‎10-14-2014 11:56 PM

Currently users can reach our searchead by using both

I want to use URL rewrite so that all requests that do not contain .domain.com adds the .domain.com. This because when we share search results with our hosting partner they need to have the domain added or else their browser will use their own internal domain. It is not a big issue, but sometimes it causes delays in whatever we do when they reply "Splunk is down" or "link does not work".

And if above is possible, is it also possible to rewrite ...domain.com/en-US/ to ...domain.com/en-GB/? I have made instructions for our end users how to change it in their browser, but some have not causing confusion due to "wrong" date format.

Reply
1 Solution
Solved! Jump to solution
Solution

martin_mueller
SplunkTrust
SplunkTrust
‎10-15-2014 01:33 PM

You can define rewrite rules if you have an Apache reverse proxy chained in front of your search head(s), just use mod_rewrite as you normally would. I don't think the CherryPy included with Splunk supports rewrite rules on its own.

Note, this will not fix your domain issue retroactively. If the domain doesn't exist from outside your inner network then they won't even reach the Apache, so the rewrite rules won't work. However, by forcing inner-network users onto the FQDN you will get "clean" links sent out in the future.

View solution in original post

Reply
Solved! Jump to solution

mikaelbje
Motivator
‎11-03-2014 01:15 AM

Hi Rune,

In case you don't want to set up a reverse proxy, I suspect this should have been possible using the following in your local/web.conf file:

[settings]
embed_uri = http://searchhead.domain.com

optional URI scheme/host/port prefix for embedded content

This presents an optional strategy for exposing embedded shared

content that does not require authentication in reverse proxy/SSO environment.

default is empty and will resolve to the client window.location.protocol + "//" + window.location.host

Summary:

  • WORKED: Searching, saving a report, scheduling it and then embedding it and the URL presented to me now had http://searchhead.domain.com in the URI base
  • DIDN'T WORK: Doing a search and then pressing share search - still had the OLD URI.

I expected that embed_uri would work for both ways of "sharing" searches. I've filed a bug report to see if this was also the developer's intention

0 Karma
Reply
Solved! Jump to solution

linu1988
Champion
‎10-15-2014 02:04 PM

use of a load balancer will be very easy solution. but i dont think any user outside the domain reach the link for which you want to re-write the rule.

0 Karma
Reply
Solved! Jump to solution
Solution

martin_mueller
SplunkTrust
SplunkTrust
‎10-15-2014 01:33 PM

You can define rewrite rules if you have an Apache reverse proxy chained in front of your search head(s), just use mod_rewrite as you normally would. I don't think the CherryPy included with Splunk supports rewrite rules on its own.

Note, this will not fix your domain issue retroactively. If the domain doesn't exist from outside your inner network then they won't even reach the Apache, so the rewrite rules won't work. However, by forcing inner-network users onto the FQDN you will get "clean" links sent out in the future.

Reply
Get Updates on the Splunk Community!

Routing logs with Splunk OTel Collector for Kubernetes

The Splunk Distribution of the OpenTelemetry (OTel) Collector is a product that provides a way to ingest ...

Welcome to the Splunk Community!

(view in My Videos) We're so glad you're here! The Splunk Community is place to connect, learn, give back, and ...

Tech Talk | Elevating Digital Service Excellence: The Synergy of Splunk RUM & APM

Elevating Digital Service Excellence: The Synergy of Real User Monitoring and Application Performance ...