Getting Data In

Rest API and Jquery AJax Requests do not work

New Member

I 've been trying to retrieve search results in json with no success.

I'm able to retrieve the sessionKey but other POST and GET requests are unsuccessful

I keep getting error: 401 Unauthorized.

I'm running the code below in the node.js server that you can download with the splunk javascript sdk
and I disabled ssl for the splunk management port 8089 under server.conf:

[sslConfig]
enableSplunkdSSL = false

I'm shooting requests from the localhost:6969 to localhost:8089.

Here is the code:

$(function(){
    var $session_id = $('#session_id');
    var seid;
    $.ajax({
        method: 'POST',
        crossDomain: true,
        url: 'http://localhost:8089/servicesNS/admin/search/auth/login/',
        data: 'username=admin&password=splunk&output_mode=json',
        dataType: 'json',
        success: function(data){
            $session_id.append(data.sessionKey);
            seid=data.sessionKey;
            console.log('success',data.sessionKey,seid);
        }

    });


    $.ajax({
        type: 'GET',
        username: 'admin',
        password: 'splunk',
        crossDomain: true,
        url: 'http://localhost:8089/servicesNS/admin/search/',
        processData: false,
        dataType: 'json',
        success: function(data){
            console.log('success',data);
        }

    });

    $.ajax({
        type: 'POST',
        username: 'admin',
        password: 'splunk',
        headers: {'Authorization':' Splunk '+seid},
        crossDomain: true,
        url: 'http://localhost:8089/servicesNS/admin/search/search/jobs/',
        data: 'search="search error"',
        processData: false,
        dataType: 'json',
        success: function(data){
            console.log('success',data);
        }

    });

I have noticed that all code examples in the splunk documentation are bypassing the ssl self signed certificates of splunk. Is there a way to do that client side in Jquery or through some conf file on the server side?

I have tried the curl command and I always get results with it:

curl -u admin:changeme http://localhost:8089/servicesNS/admin/search/

with and without the -k (allow ssl sites without certificate).

I'm not a developer and I really don't know where to continue.
Can anyone point me in the right direction?

0 Karma

Splunk Employee
Splunk Employee

I know this is kind of an old thread and possibly too late, but here's an example showing how to get a session key and then list the installed apps. You will need to have a signed SSL certificate from a trusted CA installed or directly hit https://<splunk_server>:8089/services/auth/login and accept the security exception for this to work.

var getSessionKey = $.ajax({
    type: "POST",
    url: "https://<splunk_server>:8089/services/auth/login",
    data: "username=admin&password=changeme",
}),
listApps = getSessionKey.then(function(data) {
    return $.ajax({
        type: "GET",
        url: "https://<splunk_server>:8089/services/apps/local",
        headers: {"Authorization" : "Splunk " + $(data).find("sessionKey").text()},
    });
});

listApps.done(function(data) {
    console.log(data);
});
0 Karma

Motivator

Nice, however this will not work if you use the regular webport and then get the rest api via this port using /splunkd/__raw/services/auth/login as it cannot handle the callback parameter 😕
(I would like to use the regular port for a number of reasons, one being we do not open firewall access to the rest port and i also potentially would like to use sso).

0 Karma

New Member

I also altered the server.conf

[httpServer]
crossOriginSharingPolicy = *

Using the Chrome Advanced Rest Client I can also retrieve results. How come it's just not possible with jquery or javascript?

0 Karma