Getting Data In

How to configure Apache to proxy Splunk Javascript JDK requests from outside Splunk Web?

pedromvieira
Communicator

How can I configure Apache to work as a Proxy for connecting to Splunk Web from outside?

http://dev.splunk.com/view/SP-CAAAEW6

PS: I´m trying login_form and login_verify examples.

http://dev.splunk.com/view/SP-CAAAEWS

My Apache: localhost:80
My Splunk: splunk:8089 (In a Virtual Machine with port redirect)

My Chrome response:

Login failed: No session key available

My CURL response:

{"messages":[{"type":"WARN","text":"Login failed"}]}

My httpd.conf

ServerName localhost:80

LoadModule rewrite_module modules/mod_rewrite.so
RewriteEngine On
RewriteRule /proxy/(.*) https://splunk:8089/$1 [E=RU:%1,NS]

LoadModule headers_module modules/mod_headers.so
Header always set Access-Control-Allow-Origin "*"
Header always set Access-Control-Allow-Methods "POST, GET, OPTIONS, DELETE, PUT"
Header always set Access-Control-Max-Age "1000"
Header always set Access-Control-Allow-Headers "application/x-www-form-urlencoded, x-requested-with, Content-Type, origin, authorization, accept, client-security-token"
0 Karma

pedromvieira
Communicator

My Apache: localhost:80
My Splunk: splunk:8089

This is my httpd.conf:

LoadModule headers_module modules/mod_headers.so
Header always set Access-Control-Allow-Origin "*"
Header always set Access-Control-Allow-Methods "POST, GET, OPTIONS, DELETE, PUT"
Header always set Access-Control-Max-Age "1000"
Header always set Access-Control-Allow-Headers "x-requested-with, Content-Type, origin, authorization, accept, client-security-token"

LoadModule rewrite_module modules/mod_rewrite.so
RewriteEngine On
RewriteRule /proxy/(.*) https://splunk:8089/$1 [R=200,L]

ServerName localhost:80
0 Karma

ppablo
Retired

Hi @pedromvieira

Just wanted to clarify, but is this the configuration that solved your question?

0 Karma

pedromvieira
Communicator

No. Even with this settings, neither Javascript examples or CURL examples are working.

Normal CURL (WORKING)

curl -L -k https://splunk:8089/services/admin/auth/login?output_mode=json -d"username=admin&password=changeme"

{"sessionKey":"^j7_qi7Xncap_xJQoml_^NwdagtLP3xMHSDBZDrVg2HjJ4PJ6xvmYD1P8^Om3rvTE
ILxA1xFAaElKvg3tkBzfMb9a2Cf1ZBEjUo"}

Redirect CURL (NOT WORKING)

curl -L -k http://localhost:80/proxy/services/admin/auth/login?output_mode=json -d"username=admin&password=changeme"

{"messages":[{"type":"WARN","text":"Login failed"}]}
0 Karma

pedromvieira
Communicator

With this httpd.conf:

ServerName localhost:80

LoadModule rewrite_module modules/mod_rewrite.so
RewriteEngine On
RewriteRule /proxy/(.*) https://splunk:8089/$1 [R=307,QSA]

LoadModule headers_module modules/mod_headers.so
Header always set Access-Control-Allow-Origin "*"
Header always set Access-Control-Allow-Methods "POST, GET, OPTIONS, DELETE, PUT"
Header always set Access-Control-Max-Age "1000"
Header always set Access-Control-Allow-Headers "application/json, application/xml, application/x-www-form-urlencoded, x-requested-with, Content-Type, origin, authorization, accept, client-security-token"

My CURL is working, either directly or via /proxy/
However my JS from example arent. No session key available,

0 Karma
Got questions? Get answers!

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Meet up IRL or virtually!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

Get Updates on the Splunk Community!

From Data to Insight: Announcing the Winners of the Splunk Dashboard Contest

Hi Splunkers, First off, thank you to everyone who participated in our very first From Data to Insight: The ...

Splunk Developers: Construct Your Future at the .conf26 Builder Bar

Calling all Splunk architects, platform admins, and app developers: the site is open, and the blueprints are ...

Quick connection discovery mode for forwarders

When a Splunk forwarder loses connectivity to its indexers, it does not always reconnect immediately. In many ...