Re: How to configure Apache to proxy Splunk Javasc...

pedromvieira · ‎01-20-2015

How can I configure Apache to work as a Proxy for connecting to Splunk Web from outside?

http://dev.splunk.com/view/SP-CAAAEW6

PS: I´m trying login_form and login_verify examples.

http://dev.splunk.com/view/SP-CAAAEWS

My Apache: localhost:80
My Splunk: splunk:8089 (In a Virtual Machine with port redirect)

My Chrome response:

Login failed: No session key available

My CURL response:

{"messages":[{"type":"WARN","text":"Login failed"}]}

My httpd.conf

ServerName localhost:80

LoadModule rewrite_module modules/mod_rewrite.so
RewriteEngine On
RewriteRule /proxy/(.*) https://splunk:8089/$1 [E=RU:%1,NS]

LoadModule headers_module modules/mod_headers.so
Header always set Access-Control-Allow-Origin "*"
Header always set Access-Control-Allow-Methods "POST, GET, OPTIONS, DELETE, PUT"
Header always set Access-Control-Max-Age "1000"
Header always set Access-Control-Allow-Headers "application/x-www-form-urlencoded, x-requested-with, Content-Type, origin, authorization, accept, client-security-token"

pedromvieira · ‎01-25-2015

My Apache: localhost:80
My Splunk: splunk:8089

This is my httpd.conf:

LoadModule headers_module modules/mod_headers.so
Header always set Access-Control-Allow-Origin "*"
Header always set Access-Control-Allow-Methods "POST, GET, OPTIONS, DELETE, PUT"
Header always set Access-Control-Max-Age "1000"
Header always set Access-Control-Allow-Headers "x-requested-with, Content-Type, origin, authorization, accept, client-security-token"

LoadModule rewrite_module modules/mod_rewrite.so
RewriteEngine On
RewriteRule /proxy/(.*) https://splunk:8089/$1 [R=200,L]

ServerName localhost:80

ppablo · ‎01-26-2015

Hi @pedromvieira

Just wanted to clarify, but is this the configuration that solved your question?

pedromvieira · ‎01-26-2015

No. Even with this settings, neither Javascript examples or CURL examples are working.

Normal CURL (WORKING)

curl -L -k https://splunk:8089/services/admin/auth/login?output_mode=json -d"username=admin&password=changeme"

{"sessionKey":"^j7_qi7Xncap_xJQoml_^NwdagtLP3xMHSDBZDrVg2HjJ4PJ6xvmYD1P8^Om3rvTE
ILxA1xFAaElKvg3tkBzfMb9a2Cf1ZBEjUo"}

Redirect CURL (NOT WORKING)

curl -L -k http://localhost:80/proxy/services/admin/auth/login?output_mode=json -d"username=admin&password=changeme"

{"messages":[{"type":"WARN","text":"Login failed"}]}

pedromvieira · ‎01-28-2015

With this httpd.conf:

ServerName localhost:80

LoadModule rewrite_module modules/mod_rewrite.so
RewriteEngine On
RewriteRule /proxy/(.*) https://splunk:8089/$1 [R=307,QSA]

LoadModule headers_module modules/mod_headers.so
Header always set Access-Control-Allow-Origin "*"
Header always set Access-Control-Allow-Methods "POST, GET, OPTIONS, DELETE, PUT"
Header always set Access-Control-Max-Age "1000"
Header always set Access-Control-Allow-Headers "application/json, application/xml, application/x-www-form-urlencoded, x-requested-with, Content-Type, origin, authorization, accept, client-security-token"

My CURL is working, either directly or via /proxy/
However my JS from example arent. No session key available,

How to configure Apache to proxy Splunk Javascript JDK requests from outside Splunk Web?

Introducing the Splunk Community Dashboard Challenge!

Built-in Service Level Objectives Management to Bridge the Gap Between Service & ...

Get Your Exclusive Splunk Certified Cybersecurity Defense Engineer Certification at ...