Getting Data In
Highlighted

rest api auth

Path Finder

How you could request a session key from splunks rest api without hardcoding passwords in your code?

Tags (2)
Highlighted

Re: rest api auth

Influencer

This may be of use...

http://docs.splunk.com/Documentation/Splunk/4.2.4/Developer/RESTAuthToken

You could run the CLI command one-off and use the resulting sessionKey in subsequent searches (etc.)

e.g. (from the URI above)

curl -u admin:changeme -k https://localhost:8089/services/auth/login/ -d"username=admin&password=changeme"
<response>
<sessionKey>30774f9d502004b5c655c08b5362bdca</sessionKey>

View solution in original post

Highlighted

Re: rest api auth

Path Finder

Thanks for that answer. I should have been a little clearer in my questions. Sorry. I saw the docs you mention, but my understanding of that is you still need to hardcode the user and password in the script to get the auth code. Am I misunderstanding something? Is there a way to get the auth code without loggin in?

0 Karma
Highlighted

Re: rest api auth

Influencer

I doubt there is a way to get the auth code without logging in at least once (otherwise there would be no point having login details).

If you run the above command ("curl...." on *nix style systems) outside of a script/code, and copy-paste your generated sessionKey into the script/code (as shown in the docs, except without the user/password parts) it should work fine... Or have you already tried this?

0 Karma
Highlighted

Re: rest api auth

Path Finder

That makes sense I was thinking of something a little different. I have had success with the session key before.

0 Karma
Highlighted

Re: rest api auth

Influencer

ok well good luck!

0 Karma
Highlighted

Re: rest api auth

Legend

Same way as you would with any code handling login procedures. This is not a Splunk issue, rather a coding 'issue'. The most common ways to do this are probably either to prompt for username/password interactively when the script is run, or store the credentials in a configuration file separate from your script (and make sure only the appropriate users have read access).

0 Karma