Insecure login issue in new splunk setup

strive · ‎10-04-2013

Hi,

In our system, we are always getting insecure login error. Our system is on RHEL 5.x. When I reboot the Search Head node, the 8000 port will be assigned and SH starts normally. Now when I try to login to the system, I get insecure login pop-up message in Firefox and IE. When i check the SH and try to stop and restart splunk on SH node, i get message 8000 port is not available.

Is there any settings that should be enabled on SH node to avoid the insecure login issue.

Thanks

Strive

matt · ‎10-04-2013

enable_insecure_login is a setting that was added to allow a dashboard to be rendered in something other than Splunk. Are you doing that in your enviormnent? If not you probably want to disable the setting since it allows credentials to be passed in the clear (hence calling it insecure login). With that said I do not believe that setting is related to your setting. What version of Splunk are you running? Do you have update checking turned on? If you inspect the page in Firebug (or something similar) to do you see an insecure elements in the HTML?

strive · ‎10-04-2013

Our web.conf has enable_insecure_login set to true.

Insecure login issue in new splunk setup

More Ways To Control Your Costs With Archived Metrics | Register for Tech Talk

.conf24 | Personalize your .conf experience with Learning Paths!

Threat Hunting Unlocked: How to Uplevel Your Threat Hunting With the PEAK Framework ...