I am trying to log in and search users from a windows machine on Splunk server using Splunk python SDK over HTTP, but getting some errors. Please find Logs below ( HTTP Request / Response ) .
c:\Users\vgupta13\Downloads\splunk-sdk-python-master\examples>C:\Python27\python.exe search.py "search vgupta13 " --output_mode=csv --verbose=verbose
{'body': 'username=vgupta13&password=*******', 'headers': [('Content-Type', 'application/x-www-form-urlencoded')], 'method': 'POST'}
send: 'POST /services/auth/login HTTP/1.1\r\nAccept-Encoding: identity\r\nContent-Length: 35\r\nContent-Type: application/x-www-form-urlencoded\r\nHost: ficcspl
unk\r\nAccept: */*\r\nUser-Agent: splunk-sdk-python/0.1\r\n\r\nusername=vgupta13&password=*******'
Get the response from the server.
HTTPResponse init
------------------begin
reply: 'HTTP/1.1 303 See Other\r\n'
header: Server: CherryPy/3.1.2
header: Location: http://splunkserver/en-US/services/auth/login
header: Content-Type: text/html;charset=utf-8
header: Content-Length: 132
header: Date: Mon, 13 Apr 2015 12:02:52 GMT
header: Set-Cookie: session_id_8000=4f0020a7bf9fe5c60abcddbdf6a6e037a4a3d35a; expires=Tue, 21 Apr 2015 12:02:52 GMT; httponly; Path=/
send: 'GET /servicesNS/nobody/alert/search/parser?q=search+vgupta13+&parse_only=True HTTP/1.1\r\nAccept-Encoding: identity\r\nContent-Length: 0\r\nHost: ficcspl
unk\r\nAccept: */*\r\nUser-Agent: splunk-sdk-python/0.1\r\n\r\n'
***Get the response from the server.***
HTTPResponse init
------------------begin
reply: 'HTTP/1.1 303 See Other\r\n'
header: Server: CherryPy/3.1.2
header: Location: http://splunkserver/en-US/servicesNS/nobody/alert/search/parser?q=search+vgupta13+&parse_only=True
header: Content-Type: text/html;charset=utf-8
header: Content-Length: 246
header: Date: Mon, 13 Apr 2015 12:02:52 GMT
header: Set-Cookie: session_id_8000=79ff553379c53a3dac1846f27c065d3561cd3f3c; expires=Tue, 21 Apr 2015 12:02:52 GMT; httponly; Path=/
{'body': 'search=search+vgupta13+', 'headers': [('Content-Type', 'application/x-www-form-urlencoded')], 'method': 'POST'}
send: 'POST /servicesNS/nobody/alert/search/jobs/ HTTP/1.1\r\nAccept-Encoding: identity\r\nContent-Length: 23\r\nContent-Type: application/x-www-form-urlencoded
\r\nHost: splunkserver\r\nAccept: */*\r\nUser-Agent: splunk-sdk-python/0.1\r\n\r\nsearch=search+vgupta13+'
Get the response from the server.
HTTPResponse init
------------------begin
reply: 'HTTP/1.1 303 See Other\r\n'
header: Server: CherryPy/3.1.2
header: Location: http://splunkserver/en-US/servicesNS/nobody/alert/search/jobs
header: Content-Type: text/html;charset=utf-8
header: Content-Length: 164
header: Date: Mon, 13 Apr 2015 12:02:53 GMT
header: Set-Cookie: session_id_8000=d67ebfa9d64e26c2be64a6943b6d93abc5839d5e; expires=Tue, 21 Apr 2015 12:02:53 GMT; httponly; Path=/
self.fp
Traceback (most recent call last):
File "search.py", line 115, in
main(sys.argv[1:])
File "search.py", line 80, in main
job = service.jobs.create(search, **kwargs_create)
File "..\splunklib\client.py", line 2882, in create
sid = _load_sid(response)
File "..\splunklib\client.py", line 221, in _load_sid
return _load_atom(response).response.sid
AttributeError: 'NoneType' object has no attribute 'response'
Please try the below
import splunklib.client as client
class RestController():
HOST = "localhose"
PORT = 8089
USERNAME = "userName"
PASSWORD = "password"
currentUser =""
def getService(self):
return client.connect(host=self.HOST,port=self.PORT,username=self.USERNAME,password=self.PASSWORD)
mani = RestController()
service = mani.getService()
users = service.users
for user in users:
print user.name
To do other items .. have a look into you splunklib.Cline.py's Service class
Its giving me same Error.... as Above 😞
Traceback (most recent call last):
File "testlogin.py", line 15, in
for user in users:
File "C:\Python27\lib\site-packages\splunklib\client.py", line 1218, in iter
for item in self.iter(**kwargs):
File "C:\Python27\lib\site-packages\splunklib\client.py", line 1382, in iter
items = self._load_list(response)
File "C:\Python27\lib\site-packages\splunklib\client.py", line 1288, in _load_list
entries = _load_atom_entries(response)
File "C:\Python27\lib\site-packages\splunklib\client.py", line 202, in _load_atom_entries
if 'feed' in r:
TypeError: argument of type 'NoneType' is not iterable
I am stuck , can someone please have a look