Getting Data In

HTTP 401 Error seen in splunk logs while connecting to SAP middleware application

xplore1988
New Member

Hello Experts,

Please see the details below:
Flow: Web Services partner interface (Client application) => invokes SAP Middleware URL => Webseal/TAM junction URL
SAP middleware URL starts with Webseal/TAM junction url followed by interface specific details. SAP Middleware uses LDAP for authentication
Intermittent calls are failing with 401 error even though same interface using same user ID / password combination is
working fine for majority of the calls.

When we check the splunk logs, we can see the error code for some calls like HTTP 401 but it does not show the user id which is sent from the web service partner interface (source) to SAP Middleware/Webseal. is there any way or query which can display or let us know what is the used id used in the request sent by the source to SAP. We have checked but did not see any such field which could tell about this.

And also the error simply says HTTP 401 unauthorized, it does not give any logs what caused that error to happen. Need to know what is going wrong here and how we can resolve this intermittent error. Please do the needful.

Tags (2)
0 Karma

xplore1988
New Member

Any pointers please?

0 Karma
Get Updates on the Splunk Community!

Improve Your Security Posture

Watch NowImprove Your Security PostureCustomers are at the center of everything we do at Splunk and security ...

Maximize the Value from Microsoft Defender with Splunk

 Watch NowJoin Splunk and Sens Consulting for this Security Edition Tech TalkWho should attend:  Security ...

This Week's Community Digest - Splunk Community Happenings [6.27.22]

Get the latest news and updates from the Splunk Community here! News From Splunk Answers ✍️ Splunk Answers is ...