Are you a member of the Splunk Community?
- Find Answers
- :
- Apps & Add-ons
- :
- All Apps and Add-ons
- :
- Rest API Modular Inpu with Basic Auth
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark Topic
- Subscribe to Topic
- Mute Topic
- Printer Friendly Page
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Rest API Modular Inpu with Basic Auth
Hi Damien,
I'm trying to poll the API for a RabbitMQ management console using your REST API Modulaor Input. I have another generic (unauthenticated API) working perfectly with Json data returning perfectly, so install and splunk permissions seem fine. When hitting the RabbitMQ API (using Basic Auth) the splunkd.log reports
2013-11-15 12:21:36,844 DEBUG [52855b00c57f10f45fd7d0] cplogging:55 - [15/Nov/2013:12:21:36] HTTP Traceback (most recent call last): File "/opt/splunkprod1/splunk/lib/python2.7/site-packages/cherrypy/cprequest.py", line 606, in respond cherrypy.response.body = self.handler() File "/opt/splunkprod1/splunk/lib/python2.7/site-packages/cherrypy/cpdispatch.py", line 25, in call return self.callable(*self.args, **self.kwargs) File "/opt/splunkprod1/splunk/lib/python2.7/site-packages/splunk/appserver/mrsparkle/lib/routes.py", line 366, in default return route.target(self, **kw) File "", line 1, in File "/opt/splunkprod1/splunk/lib/python2.7/site-packages/splunk/appserver/mrsparkle/lib/decorators.py", line 38, in rundecs return fn(*a, **kw) File "", line 1, in File "/opt/splunkprod1/splunk/lib/python2.7/site-packages/splunk/appserver/mrsparkle/lib/decorators.py", line 107, in check return fn(self, *a, **kw) File "", line 1, in File "/opt/splunkprod1/splunk/lib/python2.7/site-packages/splunk/appserver/mrsparkle/lib/decorators.py", line 156, in validateip return fn(self, a, *kw) File "", line 1, in File "/opt/splunkprod1/splunk/lib/python2.7/site-packages/splunk/appserver/mrsparkle/lib/decorators.py", line 297, in preformssocheck return fn(self, a, *kw) File "", line 1, in File "/opt/splunkprod1/splunk/lib/python2.7/site-packages/splunk/appserver/mrsparkle/lib/decorators.py", line 348, in checklogin return fn(self, *a, **kw) File "", line 1, in File "/opt/splunkprod1/splunk/lib/python2.7/site-packages/splunk/appserver/mrsparkle/lib/decorators.py", line 369, in handleexceptions return fn(self, a, *kw) File "/opt/splunkprod1/splunk/lib/python2.7/site-packages/splunk/appserver/mrsparkle/controllers/search.py", line 487, in batchControl response = actionMethod() File "/opt/splunkprod1/splunk/lib/python2.7/site-packages/splunk/search/init.py", line 730, in touch return self.execControl('touch') File "/opt/splunkprod1/splunk/lib/python2.7/site-packages/splunk/search/init.py", line 693, in _execControl serverResponse, serverContent = rest.simpleRequest(uri, postargs=postargs, sessionKey=self.sessionKey) File "/opt/splunkprod1/splunk/lib/python2.7/site-packages/splunk/rest/init.py", line 483, in simpleRequest raise splunk.AuthorizationFailed(extendedMessages=uri) AuthorizationFailed: [HTTP 403] Client is not authorized to perform requested action; https://127.0.0.1:8089/services/search/jobs/schedulercGllcnMuY2hhbWJlcmxhaW4searchRMD525bd0fa3f312c2...
Is this something you've seen before? Any Clues?
Thanks
Piers
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Those errors messages have nothing to do with the REST API Modular Input.
REST API Modular Input errors messages would be found with : "index=_internal ExecProcessor error rest.py"
Furthermore , in the config page , if you check the "Index Error Response" option , any HTTP auth errors should get indexed for you to browse.
Enter the Agentic Era with Splunk AI Assistant for SPL 1.4
Feel the Splunk Love: Real Stories from Real Customers
Data Management Digest – November 2025
