I'm accessing my forwarder's REST API endpoints like so in a web browser and it works:
When I try to do the same via curl:
curl -k -u 'my.splunk.username' https://10.10.10.10:8089/services/configs/inputs
I get "Unauthorized" instead:
Enter host password for user 'my.splunk.username': <?xml version="1.0" encoding="UTF-8"?> <response> <messages> <msg type="ERROR">Unauthorized</msg> </messages> </response>
Is there something else I need to enable on my forwarder to allow these calls?
if you providing -u argument you need to provide authentication 'username:password'
curl -k -u 'username:password' https://10.10.10.10:8089/services/configs/inputs
One more thing, I see here is the network IP you are using, it could be sitting inside same private network but in different VPC.
Try adding the hostname to no_proxy variable and then do a CURL, adding the host will allow the request not enter through Internet Gateway but will treat the other host VPC in same private network.
Add your host to no_proxy env variable
bash$ env | grep no_proxy bash$ export no_proxy=$no_proxy,10.10.10.10
bash$ curl -k -u 'username:password' 'https://10.10.10.10:8089/services/configs/inputs'
are you connecting from the same remote machine in both examples, or is one (the browser) local on the server that has the forwarder and curl is done remotely? Also, are you doing both calls with
Are you providing both user name and password in the curl command, the same user name ans password that you'll use in browser?
curl -k -u username:password https://10.10.10.10:8089/services/configs/inputs