Hi,
I receive the following error (splunk _internal log):
action=create_thehive_alert STDERR - theHive server returned following error: 401 Client Error: Unauthorized
The URL I configured in the alert is: http://IP:9000/api/alert
I checked the credentials in the config file and everything is correct.
A call via curl below works also
curl -XPOST 'http://http://IP:9000/api/login?user=usr&password=passwd'
Any Ideas?
Thanks and kind regards
Correction: the curl command has only one http:// of course and that one works 😉