Dashboards & Visualizations
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

Can I disable showsource to keep my view XML private?

lguinn2
Legend
‎12-09-2010 09:03 PM

You can add ?showsource=1 (or ?showsource=true) to the end of any address in your browser and see the underlying Splunk modules and XML source. Nice.

But if I am developing an app that I want to sell, I might not want to give away the "source code."

Can I disable showsource?

Tags (1)
Reply
1 Solution
Solved! Jump to solution
Solution

ziegfried
Influencer
‎12-09-2010 09:25 PM

This is not possible. When you're giving your app to someone, he can just unpack it and take a look at the view files directly. There's no way to protect or encrypt this yet.

View solution in original post

Reply
Solved! Jump to solution

gkanapathy
Splunk Employee
Splunk Employee
‎12-10-2010 07:30 AM

In addition to the other answers, I wouldn't worry too much about this today. The view XML is currently so limited that I find it hard to imagine it's even possible to create something worth hiding. It may be maddeningly difficult to read or write, but it's about as complex and interesting as the navigation menu structure. (And I mean "complex" in the sense of "able to express complex forms" not simply "complicated". It is indeed the latter.)

Reply
Solved! Jump to solution

lguinn2
Legend
‎12-10-2010 04:46 PM

You made me laugh.

0 Karma
Reply
Solved! Jump to solution

southeringtonp
Motivator
‎12-09-2010 09:26 PM

I'm not aware of a way, but perhaps one exists.

Even if you were able to disable that particular method, however, there are plenty of other ways to see the source XML.

Once an app is installed, users with admin privileges will be able to view and edit the source in the Manager. Also, the raw XML files will be visible in the app's default/data/ui/views directory, and the SplunkBase archive format is just .tar.gz format renamed to .spl, making it trivial to extract the information there.

Splunk admins may also need to be able to modify the view definition to adjust for differences in their data, especially if there are search strings embedded in the XML.

Trying to restrict access to an app's XML from end users is one thing; trying to hide it from the Splunk admin is quite another.

Reply
Solved! Jump to solution

lguinn2
Legend
‎12-10-2010 04:46 PM

I see the distinction. At some point, I might want to do both... Thanks for the answer.

0 Karma
Reply
Solved! Jump to solution
Solution

ziegfried
Influencer
‎12-09-2010 09:25 PM

This is not possible. When you're giving your app to someone, he can just unpack it and take a look at the view files directly. There's no way to protect or encrypt this yet.

Reply
Solved! Jump to solution

BobM
Builder
‎12-30-2011 01:39 PM

Because you may want to hide something from users rather than admins.

0 Karma
Reply
Solved! Jump to solution

lguinn2
Legend
‎12-10-2010 04:47 PM

Excellent point. Why protect it dynamically if any person who downloads it can just look at the static files...

0 Karma
Reply
Get Updates on the Splunk Community!

Adoption of RUM and APM at Splunk

    Unleash the power of Splunk Observability   Watch Now In this can't miss Tech Talk! The Splunk Growth ...

Routing logs with Splunk OTel Collector for Kubernetes

The Splunk Distribution of the OpenTelemetry (OTel) Collector is a product that provides a way to ingest ...

Welcome to the Splunk Community!

(view in My Videos) We're so glad you're here! The Splunk Community is place to connect, learn, give back, and ...