Splunk Free and authentication protection
Jump to navigation
Jump to search
get latest splunk verstion from:
http://www.splunk.com
install/update splunk
rpm -Uhv splunk*.rpm
install apache (rhel5)
yum -y install httpd
add config to httpd.conf
NameVirtualHost *:80 <virtualhost *:80> ServerAlias lompetier.tc.corp ProxyPass / http://127.0.0.1:8000/ ProxyPassReverse / http://127.0.0.1:8000/ </virtualhost> <proxy http://127.0.0.1:8000/*> Order deny,allow Deny from all Allow from all AuthName "Splunk DTA Login" AuthType Basic AuthUserFile /var/www/html/.htpasswd Require valid-user </proxy>
create a user and password for protection of splunk
htpasswd -c /var/www/html/.htpasswd admin
make spkunk boot save
ln -s /opt/splunk/bin/splunk /etc/init.d/splunk ln -s /opt/splunk/bin/splunk /etc/rc5.d/S99splunk ln -s /opt/splunk/bin/splunk /etc/rc5.d/K01splunk ln -s /opt/splunk/bin/splunk /etc/rc6.d/K01splunk ln -s /opt/splunk/bin/splunk /etc/rc0.d/K01splunk /opt/splunk/bin/splunk start chkconfig httpd on service httpd restart
that's it
of course you have also to turn iptables on and open up port 80