Splunk and Postman

jwkriewall · ‎05-24-2021

I have a question regarding the Splunk and Postman interaction. I've set up a Splunk instance inside a Linux virtual machine. I am able to use the curl command to access Splunk endpoints in the VM. Doing so returns an SID which I can then use to get Splunk data.

However, I am having a hard time retrieving the SID from Postman. When I try to connect to the API I am met with an "Unauthorized" message (pic attached). I am using Basic Auth and inputting an admin username and PW.

Any ideas on what to do? What piece am I missing?

Marco · ‎05-24-2021

For step 1 you are supposed to use this Url: https://api.splunk.com/2.0/rest/login/splunk

Correct Url.PNG

jwkriewall · ‎05-24-2021

Before this suggestion comes in, I've already disabled SSL Certification on Postman!

Splunk and Postman

Linux

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

Mile High Learning with Splunk University, Denver, Colorado

IT Service Intelligence 5.0 Series: Your Guide to the June Launch

Agent Mode Engaged! Enchaining Agentic Operations with Splunk AI Assistant 2.0

Join the Conversation

Splunk and Postman

Linux

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

Mile High Learning with Splunk University, Denver, Colorado

IT Service Intelligence 5.0 Series: Your Guide to the June Launch

Agent Mode Engaged! Enchaining Agentic Operations with Splunk AI Assistant 2.0