Getting Data In

How to configure Apache to proxy Splunk Javascript JDK requests from outside Splunk Web?

pedromvieira
Communicator

How can I configure Apache to work as a Proxy for connecting to Splunk Web from outside?

http://dev.splunk.com/view/SP-CAAAEW6

PS: I´m trying login_form and login_verify examples.

http://dev.splunk.com/view/SP-CAAAEWS

My Apache: localhost:80
My Splunk: splunk:8089 (In a Virtual Machine with port redirect)

My Chrome response:

Login failed: No session key available

My CURL response:

{"messages":[{"type":"WARN","text":"Login failed"}]}

My httpd.conf

ServerName localhost:80

LoadModule rewrite_module modules/mod_rewrite.so
RewriteEngine On
RewriteRule /proxy/(.*) https://splunk:8089/$1 [E=RU:%1,NS]

LoadModule headers_module modules/mod_headers.so
Header always set Access-Control-Allow-Origin "*"
Header always set Access-Control-Allow-Methods "POST, GET, OPTIONS, DELETE, PUT"
Header always set Access-Control-Max-Age "1000"
Header always set Access-Control-Allow-Headers "application/x-www-form-urlencoded, x-requested-with, Content-Type, origin, authorization, accept, client-security-token"
0 Karma

pedromvieira
Communicator

My Apache: localhost:80
My Splunk: splunk:8089

This is my httpd.conf:

LoadModule headers_module modules/mod_headers.so
Header always set Access-Control-Allow-Origin "*"
Header always set Access-Control-Allow-Methods "POST, GET, OPTIONS, DELETE, PUT"
Header always set Access-Control-Max-Age "1000"
Header always set Access-Control-Allow-Headers "x-requested-with, Content-Type, origin, authorization, accept, client-security-token"

LoadModule rewrite_module modules/mod_rewrite.so
RewriteEngine On
RewriteRule /proxy/(.*) https://splunk:8089/$1 [R=200,L]

ServerName localhost:80
0 Karma

ppablo
Retired

Hi @pedromvieira

Just wanted to clarify, but is this the configuration that solved your question?

0 Karma

pedromvieira
Communicator

No. Even with this settings, neither Javascript examples or CURL examples are working.

Normal CURL (WORKING)

curl -L -k https://splunk:8089/services/admin/auth/login?output_mode=json -d"username=admin&password=changeme"

{"sessionKey":"^j7_qi7Xncap_xJQoml_^NwdagtLP3xMHSDBZDrVg2HjJ4PJ6xvmYD1P8^Om3rvTE
ILxA1xFAaElKvg3tkBzfMb9a2Cf1ZBEjUo"}

Redirect CURL (NOT WORKING)

curl -L -k http://localhost:80/proxy/services/admin/auth/login?output_mode=json -d"username=admin&password=changeme"

{"messages":[{"type":"WARN","text":"Login failed"}]}
0 Karma

pedromvieira
Communicator

With this httpd.conf:

ServerName localhost:80

LoadModule rewrite_module modules/mod_rewrite.so
RewriteEngine On
RewriteRule /proxy/(.*) https://splunk:8089/$1 [R=307,QSA]

LoadModule headers_module modules/mod_headers.so
Header always set Access-Control-Allow-Origin "*"
Header always set Access-Control-Allow-Methods "POST, GET, OPTIONS, DELETE, PUT"
Header always set Access-Control-Max-Age "1000"
Header always set Access-Control-Allow-Headers "application/json, application/xml, application/x-www-form-urlencoded, x-requested-with, Content-Type, origin, authorization, accept, client-security-token"

My CURL is working, either directly or via /proxy/
However my JS from example arent. No session key available,

0 Karma
Get Updates on the Splunk Community!

Why You Can't Miss .conf25: Unleashing the Power of Agentic AI with Splunk & Cisco

The Defining Technology Movement of Our Lifetime The advent of agentic AI is arguably the defining technology ...

Deep Dive into Federated Analytics: Unlocking the Full Power of Your Security Data

In today’s complex digital landscape, security teams face increasing pressure to protect sprawling data across ...

Your summer travels continue with new course releases

Summer in the Northern hemisphere is in full swing, and is often a time to travel and explore. If your summer ...