Documentation > Splunk > Admin Manual > web.conf

Admin Manual

 


Getting Started
How Splunk Works
Configuring a Splunk Deployment
Data Inputs
Hosts
Source Types
Timestamp Recognition
Events
Event Types
Meta Events
Fields
Segmentation
Saved Searches and Alerts
Authentication
Granular Access Control
Data Distribution
Distributed Search
Deployment Server
Index Management
Bundles
SplunkBase
Performance Tuning
Routine Maintenance
How-To
Troubleshooting
Reference

web.conf

This documentation does not apply to the most recent version of Splunk. Click here for the latest version.

Contents

web.conf

Web.conf contains settings for the SplunkWeb interface.


To edit this configuration for your local Splunk server, make your edits in $SPLUNK_HOME/etc/bundles/local/web.conf.


You can create this file by copying examples from $SPLUNK_HOME/etc/bundles/README/web.conf.example.


Never edit files in our default bundle in $SPLUNK_HOME/etc/bundles/default or your changes may be overwritten in an upgrade.


web.conf.spec 

# Copyright (C) 2005-2007 Splunk Inc.  All Rights Reserved.  Version 3.0 
#
# This file contains all possible options for a "web.conf" file.
#
# Configuration options for the Splunk application server/SplunkWeb GSplunkWeb.
#
[settings]
startwebserver = [0 | 1]
   * indicates whether or not to start the front end web server
httpport = <port_number>
   * must be present for the front-end to start.
   * if port number tag is missing or 0 the server will NOT start an http listener 
sslport  = <port_number>
   * must be present for the front-end to start.
   * if omitted, or given a value of 0 the server will not start an SSL listener
privKeyPath = /certs/privkey.pem
caCertPath = /certs/cert.pem
   * values that will shortly move out of web.conf, and into a different file 
	 called either ssl.conf or server.conf
serviceFormPostURL = http://headlamp.Splunk.com/event/add
userRegistrationURL = https://www.Splunk.com/index.php/pre_reg?destination=prod_reg
updateCheckerBaseURL = http://quickdraw.Splunk.com/js/
   * These are various Splunk.com urls that are configurable. 
   * Setting updateCheckerBaseURL to 0 will stop the SplunkWeb from pinging Splunk.com 
	 for new versions of itself. 
isHosted = [True | False]
   * Setting this to True is not recommended, as it does not entirely work, but 
	 most of the front end will then prevent users from performing mutable 
	 operations such as saving Splunks, tagging hosts, etc...  Not all of the 
	 areas of the SplunkWeb will prevent mutable actions though, and this has been 
	 deprecated for some time.   Notably the Data Inputs SplunkWeb does not pay 
	 attention to this flag. 
disablePersistedPrefs = <string>
   * set to comma separated list of user-types, ex: User or User,Power,Admin
     When set, prefs changes for those users will not be persisted across sessions. 
	 Preferences changes made by those users will be valid only within their 
	 current session.  Used by Splunk's own demos, but generally useful when 
	 many people are sharing the same account.
uiversion = [pinesol | oxiclean]
   * Must be set to either pinesol, or oxiclean. 
     Not recommended in customer installations.   When set to pinesol, Splunk 
	 will try and start with the legacy 2.1 and 2.2 front-end. NOTE: when using 
	 the pinesol front-end with Splunk 3.0, not all features will work correctly.
	 The switchability of the front-end is more to facilitate Splunk's internal 
	 development.
twistedLoginTimeout = <seconds_until_timeout>
   * number of seconds before the twisted session times out,  and idle users 
	 get redirected to the login page. 
restApiPostMode = [none | permissive | strict]
   * sets the type of checking the rest API performs on form submissions
     none = does not check; GET and POST are allowed
     permissive = warns if REST method should be accessed via POST method
     strict = throws error if POST-only REST method is accessed via GET
enableRestControlApi = [True | False]
   * indicates if the /v3/controlapi/ endpoint is active
distributedStatusMessages
   * configuration for various status messages that can come back from servers 
	 in distributed search
#
# Configuration options for the administration section in the Splunk front end
#
[adminTabs]
_order = <string>
   * comma separated values of the tab paths. Controls the order of the tabs 
	 in the SplunkWeb. 
<pathToAdminSection>_label = <string>
   * this is the label on the tab that appears in the SplunkWeb. 
<pathToAdminSection>_roles = <string>
   * comma separated list of user types.
		Admin
		Admin,Power
		Admin,Power,User
     the tab will only appear for users in one of those roles.
	 NOTE - for non-admin users there is a special tab called 'my account' that 
	 appears, and that tab is not configurable here.
Retrieved from "http://docs.splunk.com/Documentation/Splunk/3.1.3/Admin/Webconf"

This documentation applies to the following versions of Splunk: 3.0 , 3.0.1 , 3.0.2 , 3.1 , 3.1.1 , 3.1.2 , 3.1.3 View the Article History for its revisions.


You must be logged into splunk.com in order to post comments. Log in now.

Was this documentation topic helpful?

If you'd like to hear back from us, please provide your email address:

We'd love to hear what you think about this topic or the documentation as a whole. Feedback you enter here will be delivered to the documentation team.

Feedback submitted, thanks!