Getting Data In
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

rest api auth

bsteelz93
Path Finder
‎11-25-2011 08:50 AM

How you could request a session key from splunks rest api without hardcoding passwords in your code?

Tags (2)
Reply
1 Solution
Solved! Jump to solution
Solution

MHibbin
Influencer
‎11-25-2011 09:11 AM

This may be of use...

http://docs.splunk.com/Documentation/Splunk/4.2.4/Developer/RESTAuthToken

You could run the CLI command one-off and use the resulting sessionKey in subsequent searches (etc.)

e.g. (from the URI above)

curl -u admin:changeme -k https://localhost:8089/services/auth/login/ -d"username=admin&password=changeme"
<response>
<sessionKey>30774f9d502004b5c655c08b5362bdca</sessionKey>

View solution in original post

Reply
Solved! Jump to solution

Ayn
Legend
‎11-26-2011 08:46 AM

Same way as you would with any code handling login procedures. This is not a Splunk issue, rather a coding 'issue'. The most common ways to do this are probably either to prompt for username/password interactively when the script is run, or store the credentials in a configuration file separate from your script (and make sure only the appropriate users have read access).

0 Karma
Reply
Solved! Jump to solution
Solution

MHibbin
Influencer
‎11-25-2011 09:11 AM

This may be of use...

http://docs.splunk.com/Documentation/Splunk/4.2.4/Developer/RESTAuthToken

You could run the CLI command one-off and use the resulting sessionKey in subsequent searches (etc.)

e.g. (from the URI above)

curl -u admin:changeme -k https://localhost:8089/services/auth/login/ -d"username=admin&password=changeme"
<response>
<sessionKey>30774f9d502004b5c655c08b5362bdca</sessionKey>
Reply
Solved! Jump to solution

Dhiraj37
Loves-to-Learn
‎11-19-2020 06:02 AM

Could you please tell me how to call authentication rest api for "Splunk Cloude version"

Thanks,

DMC

0 Karma
Reply
Solved! Jump to solution

MHibbin
Influencer
‎11-27-2011 10:15 AM

ok well good luck!

0 Karma
Reply
Solved! Jump to solution

bsteelz93
Path Finder
‎11-27-2011 10:01 AM

That makes sense I was thinking of something a little different. I have had success with the session key before.

0 Karma
Reply
Solved! Jump to solution

MHibbin
Influencer
‎11-26-2011 07:16 AM

I doubt there is a way to get the auth code without logging in at least once (otherwise there would be no point having login details).

If you run the above command ("curl...." on *nix style systems) outside of a script/code, and copy-paste your generated sessionKey into the script/code (as shown in the docs, except without the user/password parts) it should work fine... Or have you already tried this?

0 Karma
Reply
Solved! Jump to solution

bsteelz93
Path Finder
‎11-25-2011 05:41 PM

Thanks for that answer. I should have been a little clearer in my questions. Sorry. I saw the docs you mention, but my understanding of that is you still need to hardcode the user and password in the script to get the auth code. Am I misunderstanding something? Is there a way to get the auth code without loggin in?

0 Karma
Reply
Get Updates on the Splunk Community!

Detecting Brute Force Account Takeover Fraud with Splunk

This article is the second in a three-part series exploring advanced fraud detection techniques using Splunk. ...

Buttercup Games: Further Dashboarding Techniques (Part 9)

This series of blogs assumes you have already completed the Splunk Enterprise Search Tutorial as it uses the ...

Buttercup Games: Further Dashboarding Techniques (Part 8)

This series of blogs assumes you have already completed the Splunk Enterprise Search Tutorial as it uses the ...
Top