Re: How to configure Apache to proxy Splunk Javasc...

pedromvieira · ‎01-20-2015

How can I configure Apache to work as a Proxy for connecting to Splunk Web from outside?

http://dev.splunk.com/view/SP-CAAAEW6

PS: I´m trying login_form and login_verify examples.

http://dev.splunk.com/view/SP-CAAAEWS

My Apache: localhost:80
My Splunk: splunk:8089 (In a Virtual Machine with port redirect)

My Chrome response:

Login failed: No session key available

My CURL response:

{"messages":[{"type":"WARN","text":"Login failed"}]}

My httpd.conf

ServerName localhost:80

LoadModule rewrite_module modules/mod_rewrite.so
RewriteEngine On
RewriteRule /proxy/(.*) https://splunk:8089/$1 [E=RU:%1,NS]

LoadModule headers_module modules/mod_headers.so
Header always set Access-Control-Allow-Origin "*"
Header always set Access-Control-Allow-Methods "POST, GET, OPTIONS, DELETE, PUT"
Header always set Access-Control-Max-Age "1000"
Header always set Access-Control-Allow-Headers "application/x-www-form-urlencoded, x-requested-with, Content-Type, origin, authorization, accept, client-security-token"

pedromvieira · ‎01-25-2015

My Apache: localhost:80
My Splunk: splunk:8089

This is my httpd.conf:

LoadModule headers_module modules/mod_headers.so
Header always set Access-Control-Allow-Origin "*"
Header always set Access-Control-Allow-Methods "POST, GET, OPTIONS, DELETE, PUT"
Header always set Access-Control-Max-Age "1000"
Header always set Access-Control-Allow-Headers "x-requested-with, Content-Type, origin, authorization, accept, client-security-token"

LoadModule rewrite_module modules/mod_rewrite.so
RewriteEngine On
RewriteRule /proxy/(.*) https://splunk:8089/$1 [R=200,L]

ServerName localhost:80

ppablo · ‎01-26-2015

Hi @pedromvieira

Just wanted to clarify, but is this the configuration that solved your question?

pedromvieira · ‎01-26-2015

No. Even with this settings, neither Javascript examples or CURL examples are working.

Normal CURL (WORKING)

curl -L -k https://splunk:8089/services/admin/auth/login?output_mode=json -d"username=admin&password=changeme"

{"sessionKey":"^j7_qi7Xncap_xJQoml_^NwdagtLP3xMHSDBZDrVg2HjJ4PJ6xvmYD1P8^Om3rvTE
ILxA1xFAaElKvg3tkBzfMb9a2Cf1ZBEjUo"}

Redirect CURL (NOT WORKING)

curl -L -k http://localhost:80/proxy/services/admin/auth/login?output_mode=json -d"username=admin&password=changeme"

{"messages":[{"type":"WARN","text":"Login failed"}]}

pedromvieira · ‎01-28-2015

With this httpd.conf:

ServerName localhost:80

LoadModule rewrite_module modules/mod_rewrite.so
RewriteEngine On
RewriteRule /proxy/(.*) https://splunk:8089/$1 [R=307,QSA]

LoadModule headers_module modules/mod_headers.so
Header always set Access-Control-Allow-Origin "*"
Header always set Access-Control-Allow-Methods "POST, GET, OPTIONS, DELETE, PUT"
Header always set Access-Control-Max-Age "1000"
Header always set Access-Control-Allow-Headers "application/json, application/xml, application/x-www-form-urlencoded, x-requested-with, Content-Type, origin, authorization, accept, client-security-token"

My CURL is working, either directly or via /proxy/
However my JS from example arent. No session key available,

How to configure Apache to proxy Splunk Javascript JDK requests from outside Splunk Web?

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

Announcing Modern Navigation: A New Era of Splunk User Experience

Modernize your Splunk Apps – Introducing Python 3.13 in Splunk

Step into “Hunt the Insider: An Splunk ES Premier Mystery” to catch a cybercriminal ...

Join the Conversation