Splunk Cloud Platform

Splunk Cloud Platform Admin Manual

Acrobat logo Download manual as PDF


Acrobat logo Download topic as PDF

Configure Dashboards Trusted Domains List and Content Security Policy setting

The Dashboards Trusted Domains List is a list of authorized domains and URLs that aid the management of external content. For example, external images without a domain or URL specified in the list don't render in the dashboard. To permit an external image, you can add the image's domain or URL to the list.

The Content Security Policy (CSP) setting controls the enforcement of the Dashboards Trusted Domains List. The setting comes enabled by default and warns you if external content has a domain or URL not in the domains list. You can disable the enforcement of the domain list and the CSP warning by configuring your web-features.conf file.

Prerequisite

You must opt into automatic UI updates to use the Dashboards Trusted Domains List admin UI. For more details, see Enable automatic UI updates.

Add domains

The Dashboards Trusted Domains List admin UI requires that you opt into automatic UI updates. For more details, see Enable automatic UI updates.

Add a domain or URL to the Dashboards Trusted Domains List using Splunk Web.

  1. In Splunk Web, navigate to Settings > Server settings > Dashboards Trusted Domains List.
  2. Enter a name. The name is a label for the corresponding domain or URL.
  3. Select Save. This saves all changes to the Dashboards Trusted Domains List page since the last page update, including any domains or URLs that you have added or removed.

Remove domains

You can use the Dashboards Trusted Domains List admin UI, if you've opted into automatic UI updates. For more details, see Enable automatic UI updates.

Remove a domain or URL from the Dashboards Trusted Domains List using Splunk Web.

  1. In Splunk Web, navigate to Settings > Server settings > Dashboards Trusted Domains List.
  2. Select X to delete the domain or URL.
  3. Select Save. This saves all changes to the Dashboards Trusted Domains List page since the last page update, including any domains or URLs that you have added or removed.

Example of configured dashboards_trusted_domains settings

Add authorized domains and URLs to the web-features.conf file, instead of the previously used web.conf file.

If you want to troubleshoot the Dashboards Trusted Domains List or add to the list directly, you can add authorized domains and URLs to the [features:dashboards_csp] stanza in the web-features.conf file. Each setting starts with the syntax dashboards_trusted_domain. followed by the domain or URL name. Domain and URL names can be specific or use an asterisk wildcard. For example, the domain name *.buttercup-games.com loads content from any subdomain under buttercup-games.com.

The following is an example of configured dashboards_trusted_domains settings.

[features:dashboards_csp]
  dashboards_trusted_domain.everything=*.buttercup-games.com,
  dashboards_trusted_domain.example=example.buttercup-games.com

Dashboard Studio dashboards

The warning modals for Dashboard Studio dashboards differ in how they handle external or redirection content. Both modals have configurable feature settings that default to true for enablement.

External content warning modal

Dashboard Studio dashboards that attempt to load external images not listed in the Trusted Domains List receive an error message and the content doesn't load.

To avoid the error, you can do one of the following:

  • Add the domain or URL to the Dashboards Trusted Domains List.
  • Upload external content to your app directory and reference the content locally.
  • Upload the image directly with the Dashboard Studio UI. For more details, see Add an image.

Redirection content warning modal

Dashboard Studio dashboards that attempt to redirect to external content not listed in the Trusted Domains List receives a warning message confirming that you want to leave the Splunk Platform.

To avoid the warning modal, you can add the domain or URL to the Dashboards Trusted Domains List.

SimpleXML dashboards

When viewing SimpleXML dashboards that attempt to load external content, a warning modal prompts the following:

  • Load content by acknowledging the external domain or URL is trusted.
  • Not load content by selecting Cancel because the external domain or URL is not trusted.

To avoid the warning modal, you can do one of the following:

  • Add the domain or URL to the Dashboards Trusted Domains List.
  • Upload external content to your app directory and reference the content locally.
Last modified on 28 November, 2022
PREVIOUS
Configure IP allow lists using Splunk Web
  NEXT
Configure webhook allow list using Splunk Web

This documentation applies to the following versions of Splunk Cloud Platform: 9.0.2208, 9.0.2209 (latest FedRAMP release)


Was this documentation topic helpful?


You must be logged into splunk.com in order to post comments. Log in now.

Please try to keep this discussion focused on the content covered in this documentation topic. If you have a more general question about Splunk functionality or are experiencing a difficulty with Splunk, consider posting a question to Splunkbase Answers.

0 out of 1000 Characters