Hi ,
am trying to access :
curl -k https://localhost:8089/services/auth/login -d username=admin -d password=foobar
https://localhost:8089/services/auth/login
Getting error , could you please tell me which credentials need to enter
Hi
use curl -ku USER:PASSWORD https://....
and good habit is first read user:password to env variable like
read UP
and then use it on command like curl -ku $UP .....
r. Ismo
Getting attached error, do you any idea
If I saw correct you have “search index*_internal” when it should be “search index=_internal”
r. Ismo
sorry to asking this many questions, am very new to splunk
getting same error again, but end of the screen below error also coming
ConnectionRefusedError: [WinError 10061] No connection could be made because the target machine actively refused it
note: i have not installed splunk in my machine, please suggest me what to do
thanks for your help
Hi,
I have tried below on my local machine and it's working fine.
curl -k https://localhost:8089/services/auth/login -d username=admin -d password=foobar
you mentioned you have not installed Splunk on local machine, then how you could connect localhost:8089, replace localhost with IP which you are trying to connect.
and make sure, you have connectivity to the IP from the machine you are trying from over port 8089.
you could test connectivity by using telnet
telnet targetIP 8089
if the results says connected, that means you have connectivity.
Thank you very much for prompt reply.
1. is splunk works on 8089 host only?
2.due to admin access , i have not installed splunk in my machine. is there any specifications (host , port and others) to mention if am installing?
3.i wanted to download dashboard graphs from spunk using python script, is this possible? if yes give some ideas?
I think you need to understand below first:
Splunkweb is web page where you can interact with Splunk and it runs on 8000 port by default.
if Splunk is running on your local machine, you could connect Splunk web using url http://localhost:8000 or http://127.0.0.1:8000 and you could connect Splunk web using url https://localhost:8000 or https://127.0.0.1 if ssl is enabled in Splunk web.conf.
Splunk has management port i.e 8089 and this is mainly used for managing Splunk using rest API calls.
to access Splunk from other machine (not locally), to connect splunkweb the url should be http://ip:8000 or https://ip:8000 if ssl is enabled and your Splunk is not setup with custom port.
since you are talking about connecting to Splunk using rest API , the default management port is 8089.
first , check the connectivity from the box you are trying to where Splunk is installed over the port 8089 using telnet as I mentioned before.
coming to your second question that you can download dashboard from Splunk, I don' t think you can download dashboard , but I am sure you can run searches and fetch results.
follow below link.
https://docs.splunk.com/Documentation/Splunk/8.0.5/Search/ExportdatausingRESTAPI
@thambisetty really informative details
i dont have splunk on my machine , i have registered splunk cloud and using since 2days.
1.tested three hosts 8000,8089 and 8080, all are connection failed
2.i don't have any data in splunk cloud , could you please tell me how i can get
3. as you said we can export result from splunk dashboard, may i know in which format we get the result.
4.can we export dashboard to the PPT?
the page what you have shared is from splunkweb only.
if you are using corporate laptop, there could be connectivity issues since you are trying to connect the host and port unknown.
curl -k https://localhost:8089/services/auth/login --data-urlencode username=admin --data-urlencode password=pass
https://docs.splunk.com/Documentation/Splunk/8.0.5/RESTUM/RESTusing#Authentication