there are couple ways to change and custom the login page.
here is a link to an answer on this subject: https://answers.splunk.com/answers/504574/how-to-add-the-search-head-name-or-vm-name-to-logi.html
hope it helps
Take a look at this example and see if this fits the bill: https://answers.splunk.com/answers/333645/how-to-create-a-custom-message-on-the-login-page-f.html
Essentially, you will modify the web.conf file and set the login_content key
* Add custom content to the login page
* Supports any text including html
I can use that to publish links to usage documents and internal reference material, however I still need to find a function where a user has to accept a statement either before or after they log in.
I have searched through web.conf and splunkbase and not yet found anything available.
Could you write your warning banner to say something like this?
login_content = You are about to access a computer network that is intended for authorized users only. You should have no expectation of privacy in your use of this network. Use of this system constitutes consent to monitoring, retrieval, and disclosure of any information stored within the network for any purpose including criminal prosecution. If you do not consent to monitoring, then please leave now.
Basically by logging on you are saying you consent to monitor and thus eliminate the need to add buttons.
Would that work?