Getting Data In
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

Splunk Web & Splunkd HTTP Server response header

deyeo
Path Finder
‎04-01-2011 05:22 AM
  1. How do i remove the Splunk web http server response header?

Server: CherryPy/3.1.2

  1. How do i remove the Splunk daemon http server response header?

Server: Splunkd

  1. Any operational issues if the 2 response header are removed?
Tags (2)
Reply
1 Solution
Solved! Jump to solution
Solution

dwaddle
SplunkTrust
SplunkTrust
‎04-03-2011 05:59 PM

I imagine you trying to remove these to satisfy some security / obfuscation requirement.

As far as the Splunkweb CherryPy header goes, that should be in the CherryPy python code somewhere. This is obviously editable by you in your own installation. However, you'll need to be incredibly careful to not break anything -- and this would be overwritten on upgrades.

For the Splunkd header itself, this is compiled into splunkd. I guess you could patch the binary with a hex editor, replacing the "Splunkd" characters with NULLs. This would be EXTREMELY RISKY and not at all recommended.

If this is important to you, I would recommend submitting and Enhancement Request with the details behind why this is needed and exactly what enhancement you are looking for.

View solution in original post

Reply
Solved! Jump to solution
Solution

dwaddle
SplunkTrust
SplunkTrust
‎04-03-2011 05:59 PM

I imagine you trying to remove these to satisfy some security / obfuscation requirement.

As far as the Splunkweb CherryPy header goes, that should be in the CherryPy python code somewhere. This is obviously editable by you in your own installation. However, you'll need to be incredibly careful to not break anything -- and this would be overwritten on upgrades.

For the Splunkd header itself, this is compiled into splunkd. I guess you could patch the binary with a hex editor, replacing the "Splunkd" characters with NULLs. This would be EXTREMELY RISKY and not at all recommended.

If this is important to you, I would recommend submitting and Enhancement Request with the details behind why this is needed and exactly what enhancement you are looking for.

Reply
Solved! Jump to solution

deyeo
Path Finder
‎04-07-2011 07:02 AM

removing or modifying the CherryPy header will affect the PDFserver ability to generate PDF. thus, you need to modify the PDFserver code at ../splunk/etc/apps/pdfserver/bin/pdfhandler.py

Comment out these 3 lines to not check for the existence of CherryPy header:

if 'CherryPy' not in response.get('server', ''):
logger.warn("Remote web server at %s doesn't appear to be running CherryPy" % version_url)
return False

0 Karma
Reply
Solved! Jump to solution

deyeo
Path Finder
‎04-05-2011 04:38 AM

the closet file that i can locate is: ..\splunk\lib\python2.6\site-packages\cherrypy_cprequest.py

is this the correct file?

0 Karma
Reply
Solved! Jump to solution

deyeo
Path Finder
‎04-04-2011 07:20 AM

which particular py file contains the Splunkweb CherryPy header ?

0 Karma
Reply
Get Updates on the Splunk Community!

Introducing the Splunk Community Dashboard Challenge!

Welcome to Splunk Community Dashboard Challenge! This is your chance to showcase your skills in creating ...

Built-in Service Level Objectives Management to Bridge the Gap Between Service & ...

Wednesday, May 29, 2024  |  11AM PST / 2PM ESTRegister now and join us to learn more about how you can ...

Get Your Exclusive Splunk Certified Cybersecurity Defense Engineer Certification at ...

We’re excited to announce a new Splunk certification exam being released at .conf24! If you’re headed to Vegas ...