Splunk Search

Enabling 'Insecure Login' within web.conf

driva
Path Finder

Hi guys,

I'd like to be able to allow 'insecure' logins for my dashboards to be used with an internal signage solution.

I have changed the value of  'enable_insecure_login = False' to 'True' within var\run\splunk\merged\web.conf. I can save, close, then reopen the file and the value is still set as 'True'.

HOWEVER...

If I restart my Splunk server (to pick up the new change), the value reverts back to 'False' and I'm unable to access the dashboard using the insecure URL.

Does anyone know why the 'web.conf' file may reset the change I made after a restart?

Thanks for your help!

Best wishes,
D

0 Karma

impurush
Contributor

HI @driva 
If it is in a clustered environment, probably the artifacts are replicating when you restart the server and it replicated with the other servers.
You can try creating a web.con under /etc/system/local and add the insecure web login option and restart the server.

Tags (1)
0 Karma

driva
Path Finder

Hi @impurush,

Thanks for getting back to me on this. It's not a clustered environment, just a standalone deployment which makes it an odd problem to have! I'll try and add the .conf file under /local and see if it works.

Thanks. 

Best wishes,

D

0 Karma
Get Updates on the Splunk Community!

Demo Day: Strengthen Your SOC with Splunk Enterprise Security 8.1

Today’s threat landscape is more complex than ever. Security operation centers (SOCs) are overwhelmed with ...

Dashboards: Hiding charts while search is being executed and other uses for tokens

There are a couple of features of SimpleXML / Classic dashboards that can be used to enhance the user ...

Splunk Observability Cloud's AI Assistant in Action Series: Explaining Metrics and ...

This is the fourth post in the Splunk Observability Cloud’s AI Assistant in Action series that digs into how ...