i have included a react app into the splunk app. its just one aggregated file.
i want to trigger a upload via rest api (receivers/stream) to upload some csv data. my problem is that i need the session key for the request header (authorization: splunk )
i am already logged in as admin and dont want to start a new session via JS. how is it possible to get (best way with JS because i am not able to use python) the current user with session key for my rest api call?
thanks in advantage.
@ssievert i have seen this already. this method uses its own login script with a loginmask to store jquery cookies. but if i am already logged in from the default login, the user has a session and a session key. but it is stored in http-only cookies which i cannot read out.
i dont want the user logs in two times.
OK, I see. I didn't notice that. You don't have access to the sessionToken, so the only other option is to try to post to the raw REST endpoint:
Give that a whirl and let us know what happens.
@ssievert i tried this yesterday and it gives me a CSRF error (CSRF validation failed). i checked splunkd.log and the expected key and the given key is completley identical. i call the rest api via fetch + credentials:same-origin.
var xhr = new XMLHttpRequest(); xhr.open('POST', '/en-US/splunkd/__raw/services/data/indexes', true); xhr.setRequestHeader('X-Requested-With', 'XMLHttpRequest'); xhr.setRequestHeader('X-Splunk-Form-Key', document.cookie.match(/splunkweb_csrf_token_8000=(\d+)/)); xhr.send("name=mybrandnewindex&output_mode=json")