Can I disable showsource to keep my view XML private?

lguinn2
Legend

You can add ?showsource=1 (or ?showsource=true) to the end of any address in your browser and see the underlying Splunk modules and XML source. Nice.

But if I am developing an app that I want to sell, I might not want to give away the "source code."

Can I disable showsource?

gkanapathy
Splunk Employee

In addition to the other answers, I wouldn't worry too much about this today. The view XML is currently so limited that I find it hard to imagine it's even possible to create something worth hiding. It may be maddeningly difficult to read or write, but it's about as complex and interesting as the navigation menu structure. (And I mean "complex" in the sense of "able to express complex forms" not simply "complicated". It is indeed the latter.)

lguinn2
Legend

You made me laugh.

0 Karma

southeringtonp
Motivator

I'm not aware of a way, but perhaps one exists.

Even if you were able to disable that particular method, however, there are plenty of other ways to see the source XML.

Once an app is installed, users with admin privileges will be able to view and edit the source in the Manager. Also, the raw XML files will be visible in the app's default/data/ui/views directory, and the SplunkBase archive format is just .tar.gz format renamed to .spl, making it trivial to extract the information there.

Splunk admins may also need to be able to modify the view definition to adjust for differences in their data, especially if there are search strings embedded in the XML.

Trying to restrict access to an app's XML from end users is one thing; trying to hide it from the Splunk admin is quite another.

lguinn2
Legend

I see the distinction. At some point, I might want to do both... Thanks for the answer.

0 Karma
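An added example (not part of the original thread and not Splunk tooling): a pre-release audit an app author can run on their own package to see which view XML files and embedded search strings ship in cleartext, as the answer above describes. The sample archive, app name and view content are constructed, and the `HiddenSearch` / `<param name="search">` layout is an assumption made for illustration.

```python
import io
import tarfile
import xml.etree.ElementTree as ET

VIEWS_DIR = "default/data/ui/views/"

def build_sample_spl() -> bytes:
    """Constructed sample: a tiny app archive (.spl is a renamed .tar.gz)."""
    view = (b'<view><module name="HiddenSearch">'
            b'<param name="search">index=sales | stats sum(amount) by region</param>'
            b'</module></view>')
    files = {
        "demo_app/default/app.conf": b"[ui]\nlabel = Demo App\n",
        "demo_app/default/data/ui/views/sales_overview.xml": view,
    }
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w:gz") as tar:
        for name, data in files.items():
            info = tarfile.TarInfo(name)
            info.size = len(data)
            tar.addfile(info, io.BytesIO(data))
    return buf.getvalue()

def audit_spl(spl_bytes: bytes) -> dict:
    """Map each view XML in the package to the search strings it exposes."""
    exposed = {}
    with tarfile.open(fileobj=io.BytesIO(spl_bytes), mode="r:gz") as tar:
        for member in tar.getmembers():
            # Member paths look like <app_name>/default/data/ui/views/<view>.xml
            _, _, rel = member.name.partition("/")
            if not (member.isfile() and rel.startswith(VIEWS_DIR)
                    and rel.endswith(".xml")):
                continue
            # Read in memory only; nothing is extracted to disk.
            # Intended for your own package, so plain ElementTree parsing is used.
            root = ET.fromstring(tar.extractfile(member).read())
            exposed[member.name] = [
                p.text.strip() for p in root.iter("param")
                if p.get("name") == "search" and p.text
            ]
    return exposed

if __name__ == "__main__":
    for path, searches in audit_spl(build_sample_spl()).items():
        print(path)
        for s in searches:
            print("   search:", s)
```

Anything this reports is readable by whoever receives the package, so logic that must stay private should not be embedded in the view XML.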

ziegfried
Influencer

This is not possible. When you're giving your app to someone, he can just unpack it and take a look at the view files directly. There's no way to protect or encrypt this yet.

BobM
Builder

Because you may want to hide something from users rather than admins.

0 Karma

lguinn2
Legend

Excellent point. Why protect it dynamically if any person who downloads it can just look at the static files...

0 Karma