I'm able to confirm this works for me curl command is working for me. It returns a session ID.
curl -k https://splunkdomain.local:8089/services/auth/login --data-urlencode username={username} --data-urlencode password={password}
Using the same end point in Postman, it complains "Login failed". Can someone please assist?
So this is what I did to solve it... I noticed that the cURL generated by postman was not working and getting the exact same error you are seeing on the UI, this cURL command looks something like:
And hit IMPORT, this will generate a working request. If you look at the cURL generated by it the only difference is that it actually sets the Content-Type header which seems to so the trick. It now looks something like this:
Im stuck on the same issue, but if you look closely its not an AUTH falied, it is really a 400 Bad Request error, I'v been trying different ways to call the API on Postman but so far I haven't been able to get it working, but it works on cURL and using Requests on Python, so its definitively something related to the message formatting that is causing this.
So this is what I did to solve it... I noticed that the cURL generated by postman was not working and getting the exact same error you are seeing on the UI, this cURL command looks something like:
And hit IMPORT, this will generate a working request. If you look at the cURL generated by it the only difference is that it actually sets the Content-Type header which seems to so the trick. It now looks something like this:
@spammenot66, following is what I had tried for HEC using JSON Data packet. I had to use http on my local, however, https should work if cURL worked fine for you.
