Security
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

How to get Splunk to work behind a proxy

mikebrooker
Explorer
‎09-26-2012 06:27 AM

I need to configured Splunk (running on RHEL6) to work behind a proxy, I tried the recommended approach and it didn't work. On each I restarted Splunk, also note yum-cron/updates works fine.

To get around this problem, you need to set the http_proxy environment variable. For permanent results, you can specify the setting in the splunk-launch.conf configuration file, located in $SPLUNK_HOME/etc/ on *nix systems and %SPLUNK_HOME%\etc\ on Windows.
In splunk-launch.conf, add this attribute/value pair:
http_proxy = :
For example:
http_proxy = 10.1.8.11:8787
I then tried this:
added to opt/splunk/etc/system/default/prefs.conf
proxy=http://proxy.local:80/
proxy_username=xxxx
proxy_password=xxxxx

Questions

1) On Linux, which is the correct file to add the proxy settings? I have seen atleast 3 files mentioned, being:
splunk-launch.conf
prefs.configuration
editing the /etc/init.d/splunk startup script

2) Does the proxy environment variable follow a typical Linux format?
For example, are these valid?

proxy=http://proxy.local:80/
proxy_username=a_user
proxy_password=a_password

or

Acquire::http::proxy "http://a_user:a_password@proxy.local:80/";

What is the correct why to achieve access from behind a proxy?

Tags (2)
Reply

MarioM
Motivator
‎09-26-2012 01:43 PM

1) http_proxy=proxy.local:80 in splunk-launch.conf

2) splunk uses urllib2 then it should support the following parameters http_proxy=a_user:a_password@proxy.local:80 but you will need to try as i am not sure :

Reply

sworisbreathing
Engager
‎08-05-2013 06:19 PM

http_proxy=a_user:a_password@proxy.local:80 worked for me (I also set the same value as https_proxy)

0 Karma
Reply
Get Updates on the Splunk Community!

Tech Talk Recap | Mastering Threat Hunting

Mastering Threat HuntingDive into the world of threat hunting, exploring the key differences between ...

Observability for AI Applications: Troubleshooting Latency

If you’re working with proprietary company data, you’re probably going to have a locally hosted LLM or many ...

Splunk AI Assistant for SPL vs. ChatGPT: Which One is Better?

In the age of AI, every tool promises to make our lives easier. From summarizing content to writing code, ...