Documentation > Splunk > Admin Manual > web.conf

Admin Manual

 


Welcome
What to do first
Start Splunk
Meet Splunk Web and Splunk Apps
Before you configure
Add data and configure inputs
Indexing and event processing
Timestamps
Add and manage users
Manage indexes
Define alerts
Set up backups and retention policies
Configure data security
Set up forwarding and receiving
Deploy to other Splunk instances
Set up distributed search
Manage search jobs
Use Splunk's command line interface (CLI)
Configuration file reference
Troubleshooting

web.conf

This documentation does not apply to the most recent version of Splunk. Click here for the latest version.

Contents

web.conf

The following are the spec and example files for web.conf.

web.conf.spec

# Copyright (C) 2005-2010 Splunk Inc.  All Rights Reserved.  Version 4.0
#
# This file contains possible attributes and values you can use to configure Splunk's web interface.
#
# There is a web.conf in $SPLUNK_HOME/etc/system/default/.  To set custom configurations, 
# place a web.conf in $SPLUNK_HOME/etc/system/local/.  For examples, see web.conf.example.
# You must restart Splunk to enable configurations.
#
# To learn more about configuration files (including precedence) please see the documentation 
# located at http://www.splunk.com/base/Documentation/latest/Admin/Aboutconfigurationfiles


[settings]
	* Set general SplunkWeb configuration options under this stanza name.
	* Follow this stanza name with any number of the following attribute/value pairs.  
	* If you do not specify an entry for each attribute, Splunk will use the default value.

startwebserver = [0 | 1]
   	* Set whether or not to start SplunkWeb.
   	* 0 disables SplunkWeb, 1 enables it.
   	* Defaults to 1.

httpport = <port_number>
   	* Must be present for SplunkWeb to start.
   	* If omitted or 0 the server will NOT start an http listener.
   	* Defaults to 8000.

mgmtHostPort = <IP:port>
   	* Location of splunkd.
   	* Don't include http[s]:// -- just the IP address.
   	* Defaults to 127.0.0.1:8089.

enableSplunkWebSSL = [True | False]
	* Toggle between http or https.
	* Set to true to enable https and SSL.
	* Defaults to False.

sslport  = <port_number>
   * Must be present for the front-end to start.
   * If omitted, or given a value of 0 the server will not start an SSL listener
   
privKeyPath = /certs/privkey.pem
caCertPath = /certs/cert.pem
   * Specify paths and names for Web SSL certs.
   * Path is relative to $SPLUNK_HOME/share/splunk.

serviceFormPostURL = http://headlamp.Splunk.com/event/add
userRegistrationURL = https://www.Splunk.com/index.php/pre_reg?destination=prod_reg
updateCheckerBaseURL = http://quickdraw.Splunk.com/js/
   * These are various Splunk.com urls that are configurable. 
   * Setting updateCheckerBaseURL to 0 will stop the SplunkWeb from pinging Splunk.com 
	 for new versions of itself. 

enable_insecure_login = [True | False]
   * Indicates if the /account/insecurelogin endpoint is enabled
   * Provides an alternate GET-based authentication mechanism
   
supportSSLV3Only = [True | False]
   * Allow only SSLv3 connections if true
   * NOTE: Enabling this may cause some browsers problems
   
root_endpoint = <URI_prefix_string>
   * defines the root URI path on which the appserver will listen
   * default setting is '/'
   * Ex: if you want to proxy the splunk UI at http://splunk:8000/splunkui, then set root_endpoint = /splunkui

static_endpoint = <URI_prefix_string>
   * path to static content
   * The path here is automatically appended to root_endpoint defined above
   * default is /static

static_dir = <relative_filesystem_path>
   * The directory that actually holds the static content
   * This can be an absolute url if you want to put it elsewhere
   * Default is share/splunk/search_mrsparkle/exposed

tools.staticdir.generate_indexes = [1 | 0]
   * Indicates if the webserver will serve a directory listing for static directories
   * Defaults to 0 (false)

template_dir = <relative_filesystem_path>
   * base path to mako templates
   * Defaults to share/splunk/search_mrsparkle/templates

module_dir = <relative_filesystem_path>
   * base path to UI module assets
   * Defaults to share/splunk/search_mrsparkle/modules
   
enable_gzip = [True | False]
   * Determines if webserver applies gzip compression to responses
   * Defaults to True

use_future_expires = [True | False]
   * Determines if the Expires header of /static files is set to a far-future date
   * Defaults to True

flash_major_version = <integer>
flash_minor_version = <integer>
flash_revision_version = <integer>
   * Specifies the minimum Flash plugin version requirements
   * Flash support, broken into three parts.
   * We currently require a min baseline of Shockwave Flash 9.0 r124

enable_proxy_write = [True | False]
   * Indicates if the /splunkd proxy endpoint allows POST operations
   * If True, both GET and POST operations are proxied through to splunkd
   * If False, only GET operations are proxied through to splunkd
   * This should usually be disabled for security reasons
   * Defaults to False

js_logger_mode = [None | Firebug | Server]
   * JavaScript Logger mode
   * Available modes: None, Firebug, Server
   * Mode None: Does not log anything
   * Mode Firebug: Use firebug by default if it exists or defer to the older less promiscuous version of firebug lite
   * Mode Server: Log to a defined server endpoint
   * See js/logger.js Splunk.Logger.Mode for mode implementation details and if you would like to author your own
   * Defaults to Firebug

js_logger_mode_server_end_point = <URI_relative_path>
   * Specifies the server endpoint to post javascript log messages
   * Used when js_logger_mode = Server
   * Defaults to util/log/js

js_logger_mode_server_poll_buffer = <integer>
   * Specifieds the interval in milliseconds to check, post and cleanse the javascript log buffer
   * Defaults to 1000

js_logger_mode_server_max_buffer = <integer>
   * Specifies the maximum size threshold to post and cleanse the javascript log buffer
   * Defaults to 100

poller_timeout_interval = <integer>
   * Specifies time after which client side pollers should time out (in milliseconds)
   * Defaults to 600000 (10 minutes)

js_no_cache = [True | False]
   * Toggle js cache control
   * Defaults to False

enable_insecure_login = [True | False]
   * Indicates if the GET-based login endpoint is active
   * If True, the /account/insecurelogin?username=USERNAME&password=PASSWD is available
   * If False, only the main /account/login endpoint is available
   * Defaults to False

enable_autocomplete_login = [True | False]
   * Indictes if the main login page allows browsers to autocomplete the username
   * If True, browsers may display an autocomplete drop down in the username field
   * If False, browsers are instructed not to show autocomplete drop down in the username field
   * Defaults to True


#
# cherrypy HTTP server config
#

server.thread_pool = <integer>
   * Specifies the numbers of threads the appserver is allowed to maintain
   * Defaults to 10
   
server.socket_host = <ip_address>
   * Host values may be any IPv4 or IPv6 address, or any valid hostname.
   * The string 'localhost' is a synonym for '127.0.0.1' (or '::1', if
   * your hosts file prefers IPv6). The string '0.0.0.0' is a special
   * IPv4 entry meaning "any active interface" (INADDR_ANY), and '::'
   * is the similar IN6ADDR_ANY for IPv6. The empty string or None are
   * not allowed.
   * Defaults to 0.0.0.0

max_upload_size = <integer>
   * Specifies the hard maximum size of uploaded files in MB
   * Defaults to 500

log.access_file = <filename>
   * Specifies the HTTP access log filename
   * Stored in default Splunk /var/log directory
   * Defaults to web_access.log

log.error_file = <filename>
   * Specifies the HTTP error log filename
   * Stored in default Splunk /var/log directory
   * Defaults to web_service.log

log.screen = [True | False]
   * Indicates if runtime output is displayed inside an interactive tty
   * Defaults to True
   
request.show_tracebacks = [True | False]
   * Indicates if a an exception traceback is displayed to the user on fatal exceptions
   * Defaults to True

engine.autoreload_on = [True | False]
   * Indicates if the appserver will auto-restart if it detects a python file has changed
   * Defaults to False

tools.sessions.on = True
    * Indicates if user session support is enabled
    * Should always be True

tools.sessions.timeout = <integer>
   * Specifies the number of minutes of inactivity before a user session is expired
   * Defaults to 60

response.timeout = <integer>
   * Specifies the number of seconds to wait for the server to complete a response
   * Some requests such as uploading large files can take a long time
   * Defaults to 7200

tools.sessions.storage_type = [file]
tools.sessions.storage_path = <filepath>
   * Specifies the session information storage mechahims
   * Comment out the next two lines to use RAM based sessions instead
   * Use an absolute path to store sessions outside of the splunk tree
   * Defaults to storage_type=file, storage_path=var/run/splunk

tools.decode.on = [True | False]
   * Indicates if all strings that come into Cherrpy controller methods are decoded as unicode (assumes UTF-8 encoding).
   * WARNING: Disabling this will likely break the application, as all incoming strings are assumed
   * to be unicode.
   * Defaults to True

tools.encode.on = [True | False]
   * Encodes all controller method response strings into UTF-8 str objects in Python.
   * WARNING: Disabling this will likely cause high byte character encoding to fail.
   * Defaults to True

tools.encode.encoding = <codec>
   * Force all outgoing characters to be encoded into UTF-8.
   * This only works with tools.encode.on set to True.
   * By setting this to utf-8, Cherrypy's default behavior of observing the Accept-Charset header
   * is overwritten and forces utf-8 output. Only change this if you know a particular browser
   * installation must receive some other character encoding (Latin-1 iso-8859-1, etc)
   * WARNING: Change this at your own risk.
   * Defaults to utf08

pid_path = <filepath>
   * Specifies the path to the PID file
   * Defaults to var/run/splunk/splunkweb.pid

web.conf.example

# Copyright (C) 2005-2010 Splunk Inc.  All Rights Reserved.  Version 4.0 
#
# This is an example web.conf.  Use this file to configure data web settings.
#
# To use one or more of these configurations, copy the configuration block into web.conf 
# in $SPLUNK_HOME/etc/system/local/. You must restart Splunk to enable configurations.
#
# To learn more about configuration files (including precedence) please see the documentation 
# located at http://www.splunk.com/base/Documentation/latest/Admin/Aboutconfigurationfiles



# This stanza heading must precede any changes.
[settings]

# Change the default port number:
httpport = 12800

# Turn on SSL:
# NOTE: paths are relative to $SPLUNK_HOME.
enableSplunkWebSSL = true
sslport  = 8080
privKeyPath = /certs/myprivatekey.pem
caCertPath = /certs/mycacert.pem
Retrieved from "http://docs.splunk.com/Documentation/Splunk/4.0.3/Admin/Webconf"

This documentation applies to the following versions of Splunk: 4.0 , 4.0.1 , 4.0.2 , 4.0.3 , 4.0.4 , 4.0.5 , 4.0.6 , 4.0.7 , 4.0.8 , 4.0.9 , 4.0.10 , 4.0.11 View the Article History for its revisions.


You must be logged into splunk.com in order to post comments. Log in now.

Was this documentation topic helpful?

If you'd like to hear back from us, please provide your email address:

We'd love to hear what you think about this topic or the documentation as a whole. Feedback you enter here will be delivered to the documentation team.

Feedback submitted, thanks!