Splunk Dev
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

Can you use the Splunk SDK with the free version of Splunk (not the trial license)?

philwild
Explorer
‎05-26-2023 07:50 AM

I'd like to query Splunk with the SDK. I'm using the free version, after switching from a trial license.

I cannot get it to work.

This page seems to suggest it is possible (https://haydz.github.io/2021/01/02/Python-Connect-Splunk.html)

Are there certain steps that need to be taken to get this working?

Labels (2)
Labels
0 Karma
Reply
1 Solution
Solved! Jump to solution
Solution

isoutamo
SplunkTrust
SplunkTrust
‎05-26-2023 10:20 AM

Hi

here is one old solution https://community.splunk.com/t5/Security/Does-Splunk-Free-License-allow-usage-of-REST-API/m-p/101697

I suppose that your issue is that free version haven’t user authentication and SDK is experiencing it. Previous answer told how it could avoid. 

View solution in original post

0 Karma
Reply
Solved! Jump to solution
Solution

isoutamo
SplunkTrust
SplunkTrust
‎05-26-2023 10:20 AM

Hi

here is one old solution https://community.splunk.com/t5/Security/Does-Splunk-Free-License-allow-usage-of-REST-API/m-p/101697

I suppose that your issue is that free version haven’t user authentication and SDK is experiencing it. Previous answer told how it could avoid. 

0 Karma
Reply
Solved! Jump to solution

philwild
Explorer
‎05-28-2023 06:10 AM

Thanks!

I tried this initially and it did not work. I just assumed things had changed given the age of the post.

I've tried it again and it does work. Obviously I did something wrong the first time.

It's working.

Within the SDK, I'm using username "admin" and a blank password.

0 Karma
Reply
Solved! Jump to solution

PickleRick
SplunkTrust
SplunkTrust
‎05-28-2023 04:10 AM

That's one thing. Another thing is that obviously you won't be able to manipulate features that are not enabled in free version (scheduled searches, forwarder management, clustering...).

If you have a valid use case consider applying for a dev or dev/test license (read terms for those license types and see if you fit any of those).

0 Karma
Reply
Get Updates on the Splunk Community!

Share Your Ideas & Meet the Lantern team at .Conf! Plus All of This Month’s New ...

Splunk Lantern is Splunk’s customer success center that provides advice from Splunk experts on valuable data ...

Combine Multiline Logs into a Single Event with SOCK: a Step-by-Step Guide for ...

Combine multiline logs into a single event with SOCK - a step-by-step guide for newbies Olga Malita The ...

Stay Connected: Your Guide to May Tech Talks, Office Hours, and Webinars!

Take a look below to explore our upcoming Community Office Hours, Tech Talks, and Webinars this month. This ...