Autologin

Compatible with Splunk 3.x

Author: kordless	Date Added:	Feb 13, 2009	Flag as Miscategorized Mistyped Inappropriate
Downloads:140	Last Updated:	Feb 20, 2009
Type: Other, Integration	License:	Creative Commons
	Price:	Free

Version: 1.3

Free Download View Contents

By downloading from Splunkbase, you agree to our Downloading Terms and Conditions »

Most of the applications and content on Splunkbase are submitted by parties other than us. That third-party content is the sole responsibility of the originator of that content. We are not responsible for any third-party content, whether or not we reviewed or moderated such content. You agree that you bear all risks ass ociated with using or relying on applications and content on Splunkbase. We do not in any way warrant the accuracy, reliability, completeness, usefulness, non-infringement, or quality of any applications or content on Splunkbase, regardless of who originated that content (including our employees, partners, affiliates or moderators), and even if an application is designated as "certified". We hereby disclaim all warranties, including but not limited to any implied warranties of merchantability or fitness for a particular purpose, relating to such applications or content. We shall not be liable or responsible in any way for any losses or damage of any kind, including lost profits or other indirect or consequential damages, relating to your use of or reliance upon any applications or content on Splunkbase.

Categories:

• 3.x » Technologies » Splunk

Description

Need to get into a Splunk Enterprise interface fast, and don't want to go through the login to do it? The Autologin app lets you configure an unprivileged user to be automatically logged into your Splunk instance when they use a special URL on the Splunkd server.

Requires Splunk Enterprise, an unprivileged guest account, and the Splunkd listening port open to your web browser.

About

As the name implies, this app provides a way to automatically log a user into a Splunk instance without needing to enter a username or password in the Splunk login box. This is accomplished by using the Splunkd server to serve up a simple AJAX based HTML page, which then asks Splunkd to proxy a request to SplunkWeb to authenticate a user. The response is used to set a cookie, and then the user is redirected to the main view of the Splunk install. It's magic really.

Note: If your splunkd server is located on a box other than a respective splunkweb server, this app won't work due to limits in cross domain AJAX calls. Sorry.

Getting Setup

• Create a guest account that has lowered privileges on your Splunk server.

• Install the app by downloading, and untarring in the $SPLUNK_HOME/etc/apps directory, or installing directly from SplunkBase.

• Restart Splunk.

• Log back in, click on the 'admin' link in the top right, then on the 'applications' link in the left nav, then click on the 'configure' link to the right of the app name.

• Enter the guest account's username and password in the text entry boxes. The password will be visible in clear text.

• Click 'save', then restart Splunk again.

• Determine the URL to give your users. It will be of the format: https://splunk.example.com:8089/services/autologin/login.html - and will depend on the port you have Splunkd listening on, and whether or not you have SSL enabled.

Because the connection between the browser and Splunkd is encrypted, your user/pass are somewhat secure when being sent over. However, putting these credentials in a text file which is readable by others is 'Not A Very Good Idea'.

I strongly recommend NOT authenticating users which have elevated roles with this technique.