Rest API Modular Inpu with Basic Auth

Pierzapin — Mon, 28 Sep 2020 15:17:08 GMT

Hi Damien,

I'm trying to poll the API for a RabbitMQ management console using your REST API Modulaor Input. I have another generic (unauthenticated API) working perfectly with Json data returning perfectly, so install and splunk permissions seem fine. When hitting the RabbitMQ API (using Basic Auth) the splunkd.log reports

2013-11-15 12:21:36,844 DEBUG [52855b00c57f10f45fd7d0] cplogging:55 - [15/Nov/2013:12:21:36] HTTP Traceback (most recent call last): File "/opt/splunkprod1/splunk/lib/python2.7/site-packages/cherrypy/cprequest.py", line 606, in respond cherrypy.response.body = self.handler() File "/opt/splunkprod1/splunk/lib/python2.7/site-packages/cherrypy/cpdispatch.py", line 25, in call return self.callable(*self.args, **self.kwargs) File "/opt/splunkprod1/splunk/lib/python2.7/site-packages/splunk/appserver/mrsparkle/lib/routes.py", line 366, in default return route.target(self, **kw) File "", line 1, in File "/opt/splunkprod1/splunk/lib/python2.7/site-packages/splunk/appserver/mrsparkle/lib/decorators.py", line 38, in rundecs return fn(*a, **kw) File "", line 1, in File "/opt/splunkprod1/splunk/lib/python2.7/site-packages/splunk/appserver/mrsparkle/lib/decorators.py", line 107, in check return fn(self, *a, **kw) File "", line 1, in File "/opt/splunkprod1/splunk/lib/python2.7/site-packages/splunk/appserver/mrsparkle/lib/decorators.py", line 156, in validateip return fn(self, a, *kw) File "", line 1, in File "/opt/splunkprod1/splunk/lib/python2.7/site-packages/splunk/appserver/mrsparkle/lib/decorators.py", line 297, in preformssocheck return fn(self, a, *kw) File "", line 1, in File "/opt/splunkprod1/splunk/lib/python2.7/site-packages/splunk/appserver/mrsparkle/lib/decorators.py", line 348, in checklogin return fn(self, *a, **kw) File "", line 1, in File "/opt/splunkprod1/splunk/lib/python2.7/site-packages/splunk/appserver/mrsparkle/lib/decorators.py", line 369, in handleexceptions return fn(self, a, *kw) File "/opt/splunkprod1/splunk/lib/python2.7/site-packages/splunk/appserver/mrsparkle/controllers/search.py", line 487, in batchControl response = actionMethod() File "/opt/splunkprod1/splunk/lib/python2.7/site-packages/splunk/search/init.py", line 730, in touch return self.execControl('touch') File "/opt/splunkprod1/splunk/lib/python2.7/site-packages/splunk/search/init.py", line 693, in _execControl serverResponse, serverContent = rest.simpleRequest(uri, postargs=postargs, sessionKey=self.sessionKey) File "/opt/splunkprod1/splunk/lib/python2.7/site-packages/splunk/rest/init.py", line 483, in simpleRequest raise splunk.AuthorizationFailed(extendedMessages=uri) AuthorizationFailed: [HTTP 403] Client is not authorized to perform requested action; https://127.0.0.1:8089/services/search/jobs/schedulercGllcnMuY2hhbWJlcmxhaW4searchRMD525bd0fa3f312c28dat1384470900_72908/control

Is this something you've seen before? Any Clues?

Thanks

Piers

Re: Rest API Modular Inpu with Basic Auth

Damien_Dallimor — Fri, 15 Nov 2013 03:43:44 GMT

Those errors messages have nothing to do with the REST API Modular Input.

REST API Modular Input errors messages would be found with : "index=_internal ExecProcessor error rest.py"

Furthermore , in the config page , if you check the "Index Error Response" option , any HTTP auth errors should get indexed for you to browse.

topic Re: Rest API Modular Inpu with Basic Auth in All Apps and Add-ons

Rest API Modular Inpu with Basic Auth

Re: Rest API Modular Inpu with Basic Auth