Getting Data In

HTTP 401 Error seen in splunk logs while connecting to SAP middleware application

New Member

Hello Experts,

Please see the details below:
Flow: Web Services partner interface (Client application) => invokes SAP Middleware URL => Webseal/TAM junction URL
SAP middleware URL starts with Webseal/TAM junction url followed by interface specific details. SAP Middleware uses LDAP for authentication
Intermittent calls are failing with 401 error even though same interface using same user ID / password combination is
working fine for majority of the calls.

When we check the splunk logs, we can see the error code for some calls like HTTP 401 but it does not show the user id which is sent from the web service partner interface (source) to SAP Middleware/Webseal. is there any way or query which can display or let us know what is the used id used in the request sent by the source to SAP. We have checked but did not see any such field which could tell about this.

And also the error simply says HTTP 401 unauthorized, it does not give any logs what caused that error to happen. Need to know what is going wrong here and how we can resolve this intermittent error. Please do the needful.

Tags (2)
0 Karma

New Member

Any pointers please?

0 Karma
Get Updates on the Splunk Community!

Splunk Forwarders and Forced Time Based Load Balancing

Splunk customers use universal forwarders to collect and send data to Splunk. A universal forwarder can send ...

NEW! Log Views in Splunk Observability Dashboards Gives Context From a Single Page

Today, Splunk Observability releases log views, a new feature for users to add their logs data from Splunk Log ...

Last Chance to Submit Your Paper For BSides Splunk - Deadline is August 12th!

Hello everyone! Don't wait to submit - The deadline is August 12th! We have truly missed the community so ...