KB 145 - Guide to resolve the “Potential Security Risk" popup in wizards
KB 145 (Splunk): Guide to resolve the “Potential Security Risk" popup in wizards
Category: Problem/Information/Recommendation | Priority: Critical/High/Normal |
|---|---|
Platform: Splunk Cloud | Version: 1 from 25.02.2022 |
Description
In Splunk cloud environment, you may see the popup as below in the dashboard of the SAP PowerConnect for Splunk app. This is especially noticed while running:
Wizard for new SAP SIDs and instance discovery
Wizard for System Role
You may choose to click on “Run Query Anyway” button to accept the risk and continue.
In some cases when you choose multiple searches to run in parallel on a wizard, you may are not able to click on “Run Query Anyway” button.
Cause
This Issue arises because of the outputlookup command used in dashboard search queries to generate the required lookup for proper functioning of drop-downs in PowerConnect app.
Resolution
Users need to raise a ticket to the Splunk cloud Support Team to update/create the below-mentioned file.
Please open the web.conf file which is available at <Splunk Home>/etc/shcluster/apps/BNW-app-powerconnect/local and if this file is not available at that location please create a new file with the web.conf name
Add the below stanza in the web.conf file:
[settings]
enable_risky_command_check_dashboard = falseRestart Splunk Server.