Can we use REST API call to re-authenticate search peers?

philip_wong — Sun, 23 Nov 2014 08:12:07 GMT

It's very pain to re-enter username/password when we have almost 100 search peers.

Re: Can we use REST API call to re-authenticate search peers?

MuS — Sun, 23 Nov 2014 17:50:02 GMT

Hi philip.wong,

you can use a simple remote Splunk command to add search peers and run it in a looping script. See the docs for more details http://docs.splunk.com/Documentation/Splunk/6.2.0/DistSearch/Configuredistributedsearch#Use_the_CLI
But to be able to run such a remote command, you must enable allowRemoteLogin in server.conf see docs for more details http://docs.splunk.com/Documentation/Splunk/6.2.0/admin/Serverconf

But if you need to / want to / have to / insist to use the REST API you can run something like this:

curl  -k -u <adminuser>:<password> https://<yourlocalsplunkserverip>:8089/services/search/distributed/peers -d name=<yoursearchpeerip/DNS/FQDN>:8089 -d remoteUsername=<remoteserveradminuser> -d remotePassword=<remoteserverpassword>

The result will look like this:

<?xml version="1.0" encoding="UTF-8"?>
<!--This is to override browser formatting; see server.conf[httpServer] to disable. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .-->
<?xml-stylesheet type="text/xml" href="/static/atom.xsl"?>
<feed xmlns="http://www.w3.org/2005/Atom" xmlns:s="http://dev.splunk.com/ns/rest" xmlns:opensearch="http://a9.com/-/spec/opensearch/1.1/">
  <title>distsearch-peer</title>
  <id>https://127.0.0.1:8089/services/search/distributed/peers</id>
  <updated>2014-11-24T09:10:54+01:00</updated>
  <generator build="213098" version="6.1.2"/>
  <author>
    <name>Splunk</name>
  </author>
  <link href="/services/search/distributed/peers/_new" rel="create"/>
  <opensearch:totalResults>1</opensearch:totalResults>
  <opensearch:itemsPerPage>30</opensearch:itemsPerPage>
  <opensearch:startIndex>0</opensearch:startIndex>
  <s:messages/>
  <entry>
    <title>servername:8089</title>
    <id>https://127.0.0.1:8089/services/search/distributed/peers/servername%3A8089</id>
    <updated>2014-11-24T09:10:54+01:00</updated>
    <link href="/services/search/distributed/peers/servername%3A8089" rel="alternate"/>
    <author>
      <name>system</name>
    </author>
    <link href="/services/search/distributed/peers/servername%3A8089" rel="list"/>
    <link href="/services/search/distributed/peers/servername%3A8089" rel="edit"/>
    <link href="/services/search/distributed/peers/servername%3A8089" rel="remove"/>
    <content type="text/xml">
      <s:dict>
        <s:key name="build">213098</s:key>
        <s:key name="bundle_versions">
          <s:list/>
        </s:key>
        <s:key name="disabled">0</s:key>
        <s:key name="eai:acl">
          <s:dict>
            <s:key name="app"></s:key>
            <s:key name="can_list">1</s:key>
            <s:key name="can_write">1</s:key>
            <s:key name="modifiable">0</s:key>
            <s:key name="owner">system</s:key>
            <s:key name="perms">
              <s:dict>
                <s:key name="read">
                  <s:list>
                    <s:item>admin</s:item>
                    <s:item>splunk-system-role</s:item>
                  </s:list>
                </s:key>
                <s:key name="write">
                  <s:list>
                    <s:item>admin</s:item>
                    <s:item>splunk-system-role</s:item>
                  </s:list>
                </s:key>
              </s:dict>
            </s:key>
            <s:key name="removable">0</s:key>
            <s:key name="sharing">system</s:key>
          </s:dict>
        </s:key>
        <s:key name="guid">SomeKey</s:key>
        <s:key name="is_https">1</s:key>
        <s:key name="licenseSignature">EvenMoreKeys</s:key>
        <s:key name="peerName">servername</s:key>
        <s:key name="peerType">configured</s:key>
        <s:key name="remote_session">MuchMoreKeys</s:key>
        <s:key name="replicationStatus">Initial</s:key>
        <s:key name="rtsearch_enabled">1</s:key>
        <s:key name="startup_time">1416801414</s:key>
        <s:key name="status">Up</s:key>
        <s:key name="version">6.1.2</s:key>
      </s:dict>
    </content>
  </entry>
</feed>

hope this helps ...

cheers, MuS

Re: Can we use REST API call to re-authenticate search peers?

philip_wong — Mon, 28 Sep 2020 18:14:09 GMT

We got some file permission errors after moving to SHP while running the CLI you mentioned. I'm going to raise support ticket for that.

Now we prefer not to login the search head and run CLI but using REST API
My question is, can we use REST API to re-auth/remove search peers?

I just tested and be able to answer post of this.
To remove a search peer can do by this.

curl -k https://$host:$port/services/search/distributed/peers/$peer_host:$peer_port --request DELETE

I tried "--request POST -remoteUsername -remotePassword" but doesn't work to add a search peer.
Can you advise what's wrong??

Thank you!

Re: Can we use REST API call to re-authenticate search peers?

MuS — Mon, 24 Nov 2014 08:20:36 GMT

Hi, I don't see the point why it should be different using the REST API....but then I don't know your use case 😉 So see my updated answer to get the REST API command to add a search peer. You're welcome 🙂

Re: Can we use REST API call to re-authenticate search peers?

philip_wong — Tue, 25 Nov 2014 02:16:49 GMT

Can you simply tell me how to add search peer to a search head by curl and REST?

Re: Can we use REST API call to re-authenticate search peers?

MuS — Tue, 25 Nov 2014 06:40:48 GMT

Okay, before one gets cheeky it would be better to read my updated answer from 22 hours ago. Then read it again, try it and then say thank you.

Re: Can we use REST API call to re-authenticate search peers?

philip_wong — Tue, 25 Nov 2014 08:55:57 GMT

Sorry, I didn't see the example from my view before.
It works now! Thank you for your patience and prompt response.

topic Can we use REST API call to re-authenticate search peers? in Getting Data In

Can we use REST API call to re-authenticate search peers?

Re: Can we use REST API call to re-authenticate search peers?

Re: Can we use REST API call to re-authenticate search peers?

Re: Can we use REST API call to re-authenticate search peers?

Re: Can we use REST API call to re-authenticate search peers?

Re: Can we use REST API call to re-authenticate search peers?

Re: Can we use REST API call to re-authenticate search peers?