Getting Data In
Highlighted

Cross-Domain requests when using RESTful API

Engager

Hi guys.

I want to push error logs from a silverlight app to our splunk installation.
I'm using the splunk RESTful API and it works quite nicely (for non-web clients)

So I have a site: www.xxx.com. (Server 1)
And a splunk installation at: (Server 2).

Problem is I can't make web requests from www.xxx.com to Server 2, because of the same origin policy (See http://en.wikipedia.org/wiki/Same_origin_policy).

Silverlight allows such web requests if Server 2 has a clientaccesspolicy.xml or crossdomain.xml at the root of the request.

So the first thing silverlight does when I request https://server2:8089/services/receivers/simple
is request a clientaccesspolicy.xml from https://splunk_server2:8089/clientaccesspolicy.xml.

My question is: How can I make splunk return me an xml written by me when I call the https://splunk_server2:8089/clientaccesspolicy.xml url.

Highlighted

Re: Cross-Domain requests when using RESTful API

Splunk Employee
Splunk Employee

You won't be able to get splunkd to return a client access policy. I would recommend against using cross-domain requests. In fact, I don't see why a cross domain request is required at all for your web service to post to Splunk's REST API, but I might be misunderstanding your question.

Highlighted

Re: Cross-Domain requests when using RESTful API

Engager

my web service is not posting data. I was trying to post err log data directly from the client's browser (e.g. javascript/flash/silverlight) to a splunk installation which is not on the same server as the web server.
But I do agree it's a bad idea, especially because username/pass is in clear text for the rest api.

I've solved my problem with a custom web page on my web server that receives log data on post parameters, and logs it to splunk using the REST api.

Highlighted

Re: Cross-Domain requests when using RESTful API

Splunk Employee
Splunk Employee

That is the approach I would recommend, to build a proxy on the server rather than doing cross-domain requests. Well done!

0 Karma