Hi All,
I was writing one script in shell for getting data though rest api .
Below is the connect of the script
`#!/bin/bash
rm /opt/splunk/etc/apps/HUM_QA_FIREEYE_INPUTS/bin/fireeye_alert.json
date_time=$(date +'%Y-%d-%m''T''%H'':00:00.000')
retieve data for fireeye_alert
curl -s -X POST -k -H 'Content-Type: application/json' -H "x-fireeye-api-key:some_unique_value" https://abc.com -d '{"fromLastModifiedOn":"$date_time","size": 10}' >> /opt/splunk/etc/apps/HUM_QA_FIREEYE_INPUTS/bin/fireeye_aler`
Here , I have scheduled this script to run every hour and every time it run , it will create a new date_time value which we need to give in the curl command as argument . The problem is , I am not getting any data if I use this script . There is some error with fromLastModifiedOn coming.
ERROR :
{
"message": "Incorrect request params: fromLastModifiedOn. Enter the valid request params and without any space"
}
thanks in advance.
This is the fire eye API telling you that fromLastModifiedOn is invalid OR its value is invalid.
This is a splunk forum, so I recommend you post this to fire eyes community instead. You might find expertise here or you might not.