All Apps and Add-ons

Huawei eSight Open API login authentication fails


Step 1: I have to use "PUT" to login to my system and obtain a login token. Webtools curl command only supports GET, POST and DELETE as stated in the documentation. When I choose method=put I don't get any errors in Splunk, will it work as intended?

I need to authenticate via "userid" and "value" instead of user and password. I tried to put this information in the datafield like this, but it didn't work:

| makeresults count=1
| eval data="{\"userid\":\"ApiUser\",\"value\":\"password\"}"
| curl method=put uri=https://x.x.x.x:32102/rest/openapi/sm/session
| table curl*

The developer @jkat54 suggested that the Huawei system might want the username and password as parameters and I might have to urlencode them so I tried these:

I also tried uri=.../?xxx and uri=...?xxx

When I use Splunk and any variation of the curl command listed above the logs on the Huawei system show "Open API request from third system, URL: /rest/openapi/sm/session, error message: Authentication failed." and it shows username as "Invalid User".

If I connect to the API via another method the login succeeds. Whenever I input a wrong password or username, the chosen username will be displayed in the logs and the error message is "Failure reason: The user name does not match the password or the account does not exist."

Therefore it's not a wrong username or password error when using the curl command.

Step 2: After I obtain a session token with the above search (assuming it's working), I can use this token to query the API via executing additional curl commands. How would I do that in a Splunk search?

This is an excerpt from the documentation of the systems API to gain an access token:

 * Log in Example
public class Login
    public static void main(String[] args) throws Exception 

    public static void login() throws Exception
        //set the URL and method
        final String openidURL = "/rest/openapi/sm/session";
        final String method = "PUT";
        //set parameters
        final List<BasicNameValuePair> parameters = new ArrayList<BasicNameValuePair>();
        parameters.add(new BasicNameValuePair("userid", GlobalVar.GLOBAL_USERNAME));
        parameters.add(new BasicNameValuePair("value", GlobalVar.GLOBAL_USERVALUE));
        parameters.add(new BasicNameValuePair("ipaddr", GlobalVar.GLOBAL_USERIP));
        //send the request
        final HttpResponse response = NewHttpsAccess.access(GlobalVar.GLOBAL_IP,
        //get the result
        final String ret = NewHttpsAccess.getResult(response);
        //resolve the result and get the openid
        final JSONObject jObject = JSONObject.fromObject(ret);
        if (null == jObject)
            System.out.println("Login failed.");
        if ("0".equals(String.valueOf(jObject.get("code"))))
            final String openid = String.valueOf(jObject.get("data"));
            GlobalVar.globalOpenid = openid;


Hey thanks for the awesome post!

I have a code fix for you in version 1.2.5:

Here's where the code was buggy:

alt text

As always, thank you for your support and if you like my apps, please leave a review on splunkbase, share some karma, or if you're super impressed, write a review for me on linkedin. Thanks again!

0 Karma


Thanks, but that didn't fix the problem. I added a PUT method to your and the connection can now be established.

0 Karma


that was my next idea...

0 Karma


I just added it to the app via version 1.2.6 Please do enjoy.

0 Karma
*NEW* Splunk Love Promo!
Snag a $25 Visa Gift Card for Giving Your Review!

It's another Splunk Love Special! For a limited time, you can review one of our select Splunk products through Gartner Peer Insights and receive a $25 Visa gift card!


Or Learn More in Our Blog >>