Cloud Support » History » Version 3
Luke Murphey, 06/08/2022 05:14 PM
1 | 1 | Luke Murphey | h1. Cloud Support |
---|---|---|---|
2 | 1 | Luke Murphey | |
3 | 3 | Luke Murphey | Website Monitoring will not allow users on Splunk Cloud to create inputs that are not using SSL (they are restricted to monitoring HTTPS). If someone wants to monitor an HTTP site, they need to run a forwarder outside of Splunk's Cloud environment. The app will still allow the creation of HTTP inputs on non-Cloud installs. If you attempt to test it on a non-Cloud install then you will find it will allow the creation of inputs without HTTPS; but this does not mean that the app allows this when on cloud. |
4 | 1 | Luke Murphey | |
5 | 3 | Luke Murphey | You can test this yourself on a local install by setting instanceType to Cloud in @$SPLUNK_HOME/etc/system/local/server.conf@ (see https://community.splunk.com/t5/Developing-for-Splunk-Enterprise/How-do-I-programmatically-determine-if-my-app-is-running-on/m-p/312077): |
6 | 1 | Luke Murphey | |
7 | 3 | Luke Murphey | <pre> |
8 | 3 | Luke Murphey | [general] |
9 | 3 | Luke Murphey | instanceType = cloud |
10 | 3 | Luke Murphey | </pre> |
11 | 3 | Luke Murphey | |
12 | 3 | Luke Murphey | If you attempt to make an input with an HTTP protocol on a Splunk Cloud environment, you will see the following message: |
13 | 3 | Luke Murphey | |
14 | 3 | Luke Murphey | !HTTP_not_allowed.jpg! |
15 | 3 | Luke Murphey | |
16 | 3 | Luke Murphey | h2. How this is enforced |
17 | 3 | Luke Murphey | This is enforced in the backend code in the modular input (https://github.com/LukeMurphey/splunk-website-monitoring/blob/master/src/bin/web_ping.py) which will reject attempts to make an input that uses HTTP on Splunk Cloud and will refuse to run inputs on Cloud (in case the user created an input manually via inputs.conf). |
18 | 3 | Luke Murphey | |
19 | 3 | Luke Murphey | See the following line in web_ping.py shows that the URL field is set to require HTTPS if on cloud: |
20 | 3 | Luke Murphey | |
21 | 1 | Luke Murphey | <pre><code class="python"> |
22 | 2 | Luke Murphey | URLField("url", "URL", "The URL to connect to (must be be either HTTP or HTTPS protocol)", empty_allowed=False, require_https_on_cloud=True), |
23 | 2 | Luke Murphey | </code></pre> |
24 | 2 | Luke Murphey | |
25 | 3 | Luke Murphey | The base class determines if the environment is a cloud instance by checking the server-info endpoint ("splunk-modular-input/server_info.py":https://github.com/LukeMurphey/splunk-modular-input/blob/fbc464bc8e2116c756dc5c68922114387924ce9e/src/modular_input_base_class.py#L495). This is then used in the modular input base class to make a determination if it is on cloud ("splunk-modular-input/modular_input_base_class.py":https://github.com/LukeMurphey/splunk-modular-input/blob/fbc464bc8e2116c756dc5c68922114387924ce9e/src/modular_input_base_class.py#L495). |