Given a Splunk Enterprise instance, we'd like to implement a custom API handler that also sets the CORS headers in the response:
Access-Control-Allow-Origin: http://… Access-Control-Allow-Credentials: true
The goal is to allow a cloud service, with a customer's consent as expressed by installing the custom application AND providing the URL for their Splunk Enterprise instance, to perform a specific search via the custom REST API endpoint handler.
Before we start to dig into it, is there anything in place to prevent or disallow this? Has anyone done this and have any tips?
The doc to implement custom end points in splunk is available here,
Just python implementation..
It internally uses cherrypy, you can set header by
cherrypy.response.headers['Content-Type'] = 'application/json'
Could you give and example, I can´t figure it out. I'm getting No 'Access-Control-Allow-Origin' header is present on the requested resource. Origin 'http://localhost:8000' is therefore not allowed access.
How is your API organized? It can be added in more than one way: when I wrote my response, we were adding exta REST API endpoints via etc/system/local/restmap.conf - this makes them accessible through the management port (8089 by default). There you just add your header to the response:
class YourOwnAPIHandler(splunk.rest.BaseRestHandler): def handle_POST(self): ... self.response.setHeader('access-control-allow-origin', '*') return
The response by paramagurukarthikeyan below shows how to do that in the custom end points created using