Getting Data In

rest api auth

bsteelz93
Path Finder

How you could request a session key from splunks rest api without hardcoding passwords in your code?

Tags (2)
1 Solution

MHibbin
Influencer

This may be of use...

http://docs.splunk.com/Documentation/Splunk/4.2.4/Developer/RESTAuthToken

You could run the CLI command one-off and use the resulting sessionKey in subsequent searches (etc.)

e.g. (from the URI above)

curl -u admin:changeme -k https://localhost:8089/services/auth/login/ -d"username=admin&password=changeme"
<response>
<sessionKey>30774f9d502004b5c655c08b5362bdca</sessionKey>

View solution in original post

Ayn
Legend

Same way as you would with any code handling login procedures. This is not a Splunk issue, rather a coding 'issue'. The most common ways to do this are probably either to prompt for username/password interactively when the script is run, or store the credentials in a configuration file separate from your script (and make sure only the appropriate users have read access).

0 Karma

MHibbin
Influencer

This may be of use...

http://docs.splunk.com/Documentation/Splunk/4.2.4/Developer/RESTAuthToken

You could run the CLI command one-off and use the resulting sessionKey in subsequent searches (etc.)

e.g. (from the URI above)

curl -u admin:changeme -k https://localhost:8089/services/auth/login/ -d"username=admin&password=changeme"
<response>
<sessionKey>30774f9d502004b5c655c08b5362bdca</sessionKey>

Dhiraj37
Loves-to-Learn

Could you please tell me how to call authentication rest api for "Splunk Cloude version"

Thanks,

DMC

0 Karma

MHibbin
Influencer

ok well good luck!

0 Karma

bsteelz93
Path Finder

That makes sense I was thinking of something a little different. I have had success with the session key before.

0 Karma

MHibbin
Influencer

I doubt there is a way to get the auth code without logging in at least once (otherwise there would be no point having login details).

If you run the above command ("curl...." on *nix style systems) outside of a script/code, and copy-paste your generated sessionKey into the script/code (as shown in the docs, except without the user/password parts) it should work fine... Or have you already tried this?

0 Karma

bsteelz93
Path Finder

Thanks for that answer. I should have been a little clearer in my questions. Sorry. I saw the docs you mention, but my understanding of that is you still need to hardcode the user and password in the script to get the auth code. Am I misunderstanding something? Is there a way to get the auth code without loggin in?

0 Karma
Got questions? Get answers!

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Meet up IRL or virtually!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

Get Updates on the Splunk Community!

Laser Bananas and Edge Hubs: Exploring Operational Technology (OT) Data Through a ...

  OT is a different environment to traditional IT and can have interesting challenges when interfacing the ...

Event Series: Mastering AI Tokenomics and Splunk Agent Observability

Beyond the Black Box: Correlating AI Performance and Tokenomics with Splunk Agent Observability   As ...

span_metrics: The OpenTelemetry-Idiomatic Way to See Inside Your Services

You open a trace in Splunk Observability Cloud and everything looks fine. One root span, order-pipeline, with ...