Developing for Splunk Enterprise

How to connect to management port REST API from the Python Module which sits in controller directory?

Communicator

I am stuck at one point where i have to make a POST request from the UI to management port API. Now i cannot do that as i need session token and have to allow the Splunk server to accept any request from the IP, which is not an efficient way. So i want to make a REST Request to the custom URL, which in turn should make request the Splunk webserver. I have to do it with Python, but the only concern is how can i make the custom URL in the existing app and handle it ,

i am making the ajax request at /custom/app_name/module/function

and in the controller i have a function defined, but still i am not able to get success.

Any sort of help will be appreciated.

Thanks

0 Karma

SplunkTrust
SplunkTrust

So to use the REST interface with python perhaps something like this.

The below code is partially based on the "Splunk REST API is easy to use" blog post , and also on some other documentation on the Splunk website:

import urllib
import urllib2
import ssl
import base64

#Send a request using a POST command to the required URL
#SSL checking is disabled due to use of the self-signed certificates
def sendrequest(values, server, url):
    ctx = ssl.create_default_context()
    ctx.check_hostname = False
    ctx.verify_mode = ssl.CERT_NONE
    data = urllib.urlencode(values)
    req = urllib2.Request(server + url, data)

    req.add_header("Authorization", "Basic %s" % base64string)
    response = urllib2.urlopen(req, context=ctx)
    the_page = response.read()


username = "username"
password = "<yourpassword>"
base64string = base64.encodestring('%s:%s' % (username, password)).replace('\n', '')
server = "https://localhost:8089/"
url = "/servicesNS/nobody/<app...>"

#Create the Oracle_SIEMUser_ChangePassword identity with username SIEM_USER
values = {"parameter1" : "value1",
}

#Actually run the HTTP request
sendrequest(values, server, url)

I normally determine the endpoint by hitting:
https://:8089/servicesNS/nobody

And then determining where I should go, there is likely a better way to do it !

0 Karma