Archive

Does Splunk Free License allow usage of REST API?

Splunk Employee
Splunk Employee

How do I use Splunk REST API with Free License (since user login credentials are not required with Free License)?

Tags (1)
1 Solution

Ultra Champion

Yes you can.

So using this simple test code from the JAVA SDK :

Service service = new Service("myfreesplunkhost", 8089);
service.login("admin", "scoobydoo"); 

ServiceInfo info = service.getInfo();
System.out.println("Info:");
for (String key : info.keySet())
  System.out.println("    " + key + ": " + info.get(key));

By default you'll probably get an error message such as :

HTTP 401 -- Remote login disabled because you are using a free license which does not provide authentication. To resolve either switch to the forwarder-only license or the enterprise trial license included with the product. To override this and enable unauthenticated remote management, edit the 'allowRemoteLogin' setting in your server.conf file.

Fortunately, it is simply a matter of adding a setting to $SPLUNK_HOME/etc/system/local/server.conf and restarting.

[general]
allowRemoteLogin = always

Then you don't need to login explicitly :

Service service = new Service("myfreesplunkhost", 8089);
//removed the login step !!!

ServiceInfo info = service.getInfo();
System.out.println("Info:");
for (String key : info.keySet())
  System.out.println("    " + key + ": " + info.get(key));

View solution in original post

Ultra Champion

Yes you can.

So using this simple test code from the JAVA SDK :

Service service = new Service("myfreesplunkhost", 8089);
service.login("admin", "scoobydoo"); 

ServiceInfo info = service.getInfo();
System.out.println("Info:");
for (String key : info.keySet())
  System.out.println("    " + key + ": " + info.get(key));

By default you'll probably get an error message such as :

HTTP 401 -- Remote login disabled because you are using a free license which does not provide authentication. To resolve either switch to the forwarder-only license or the enterprise trial license included with the product. To override this and enable unauthenticated remote management, edit the 'allowRemoteLogin' setting in your server.conf file.

Fortunately, it is simply a matter of adding a setting to $SPLUNK_HOME/etc/system/local/server.conf and restarting.

[general]
allowRemoteLogin = always

Then you don't need to login explicitly :

Service service = new Service("myfreesplunkhost", 8089);
//removed the login step !!!

ServiceInfo info = service.getInfo();
System.out.println("Info:");
for (String key : info.keySet())
  System.out.println("    " + key + ": " + info.get(key));

View solution in original post

State of Splunk Careers

Access the Splunk Careers Report to see real data that shows how Splunk mastery increases your value and job satisfaction.

Find out what your skills are worth!