Having the release update notes on the log in page of splunk is nice however it is a security risk as well. An attacker can easily see the current version of splunk and use that info for an attack. Also splunk sends updates to this page showing latest release and reasons for updating to the latest release. This provides even more info to the hacker. IS this a user configuration setting to not show this info ... if so .. the default setting should be to not show this info on the login web page.
This info could be displayed after the user logs in ?
You can disable the login page banner content by changing the
updateCheckerBaseURL setting in
updateCheckerBaseURL = http://quickdraw.Splunk.com/js/ * These are various Splunk.com urls that are configurable. * Setting updateCheckerBaseURL to 0 will stop the SplunkWeb from pinging Splunk.com for new versions of itself.
The only way to remove the version information at the bottom of the page would be to edit the template files in
.../logout.html - however, these updates will not persist through an upgrade so you will have to re-apply them as part of your upgrade process
You can disable the login page banner content by changing the updateCheckerBaseURL setting in $SPLUNK_HOME/etc/system/local/web.conf
updateCheckerBaseURL = 0
THIS DOES NOT FUNCTION AS EXPECTED in Splunk 6.5.0.
What other course of action can I take.