Security
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

How to configure "guest" access to Splunk-Web with no password?

jbp4444
Path Finder
‎05-19-2011 08:44 AM

I'd like to open up some of Splunk-web for any user to access, e.g. so that they can see overall load/usage of a cluster of machines before trying to login to one.

One approach is to just create a new user with limited functionality -- guest -- and assign it a simple password that I hand out to everyone. This works, and I can assign it to default to a known app/dashboard, but seems kind of silly.

Is there a way to just open up Splunk-web, or specifically an app or dashboard, so that anyone can access it without typing in a username/password?

Tags (2)
Reply
1 Solution
Solved! Jump to solution
Solution

jbsplunk
Splunk Employee
Splunk Employee
‎05-19-2011 09:38 AM

As far as I know, the latter choice of opening up Splunk web without having some form of authentication is not an option. You will need to go with the approach you mentioned first, creating the guest account. I would suggest you create a specific role that contains very limited capabilities associated with the role you've created for this guest user. I wouldn't be comfortable without allowing some level of authentication to track which users are performing particular actions.

View solution in original post

Reply
Solved! Jump to solution

breyes_splunk
Splunk Employee
Splunk Employee
‎01-14-2015 02:51 PM

You can set enable_insecure_login=true in /etc/system/local/web.conf (create this file if it doesn't exist). You can then allow users to skip the login screen by placing the credentials into the url, e.g. http://localhost:8000/en-US/account/insecurelogin?username=guest&password=guest

Reply
Solved! Jump to solution

thahn
Explorer
‎12-11-2018 05:05 AM

Just implemented this in my test setup, it does enable access to Splunk without the usual login prompt.

However: If you are using this option, make sure that you also only use https to access splunk. In case of http, the url parameters (username and password) are transmitted in clear text.

0 Karma
Reply
Solved! Jump to solution
Solution

jbsplunk
Splunk Employee
Splunk Employee
‎05-19-2011 09:38 AM

As far as I know, the latter choice of opening up Splunk web without having some form of authentication is not an option. You will need to go with the approach you mentioned first, creating the guest account. I would suggest you create a specific role that contains very limited capabilities associated with the role you've created for this guest user. I wouldn't be comfortable without allowing some level of authentication to track which users are performing particular actions.

Reply
Solved! Jump to solution

rroberts
Splunk Employee
Splunk Employee
‎10-04-2011 09:46 AM

If you're interested in a Kiosk type of dashboard check out...
http://docs.splunk.com/Documentation/Splunk/latest/Developer/3rdParty

0 Karma
Reply
Get Updates on the Splunk Community!

New in Observability - Improvements to Custom Metrics SLOs, Log Observer Connect & ...

The latest enhancements to the Splunk observability portfolio deliver improved SLO management accuracy, better ...

Improve Data Pipelines Using Splunk Data Management

  Register Now   This Tech Talk will explore the pipeline management offerings Edge Processor and Ingest ...

3-2-1 Go! How Fast Can You Debug Microservices with Observability Cloud?

Register Join this Tech Talk to learn how unique features like Service Centric Views, Tag Spotlight, and ...