Getting Data In
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

How to integrate a website url to splunk?

mohammadsharukh
Path Finder
‎06-09-2022 07:21 PM

I am stuck on a integration.

Scenario:- we have pas sever who generally does the va scan of all the environment now we need to integrate this with splunk

Problem statement:-the pas server run queries on the data and is storing it in a virtual directory in itslef now the client has installed the windows iis webserver and hosted this directory on a https url and the reports are showing on a url as 

E.g url/report1, url/report2 etc.

Client has created a service account and password for security to login to website and access the reports. 

Now we have 3 things:- https url, username and password. 

Which method of integration i should go with?

Note :- client said no to u.f installation on the windows server and i checked and found no addon on splunkbase

Correct me on Possible solution:-

1) use the inbuilt rest api method but instead of username and password i should ask him for api key?

2)if he cant provide api key then i need to go to addon builder and then create an addon with username and password as authentication? Has anybody worked on this? Is there any documentation avaiy with you? I am not sure of this method

3) use curl command and also put creds and download the report to another server and then use u.f on it to send to splunk. I am not sure of this method due to security concerns.

Help me out url, username ans password

Labels (1)
Labels
0 Karma
Reply

gcusello
SplunkTrust
SplunkTrust
‎06-09-2022 11:38 PM

Hi @mohammadsharukh,

the easiest approach is always using Forwarder, but if you cannot, I hint to use a scipt using REST API.

The problem of login and password is solved by Splunk: you can store credentials in an eacrypted Splunk conf file and run the script by Splunk inputs.

We used this approach for one of out customers and it runs.

You can find the instructions about how to do it at https://www.splunk.com/en_us/blog/security/storing-encrypted-credentials.html

Then you could create a setup page to upload credentials in the encrypted Splunk conf file, for more infos see at https://www.splunk.com/en_us/blog/tips-and-tricks/enable-first-run-app-configuration-with-setup-page....

Ciao.

Giuseppe

0 Karma
Reply
Get Updates on the Splunk Community!

.conf25 Community Recap

Hello Splunkers, And just like that, .conf25 is in the books! What an incredible few days — full of learning, ...

Splunk App Developers | .conf25 Recap & What’s Next

If you stopped by the Builder Bar at .conf25 this year, thank you! The retro tech beer garden vibes were ...

Congratulations to the 2025-2026 SplunkTrust!

Hello, Splunk Community! We are beyond thrilled to announce our newest group of SplunkTrust members!  The ...
Top