Security
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

Create a User using the PHP SDK

ztom
Explorer
‎08-05-2013 01:29 AM

I'm building a PHP web app that uses the Splunk PHP SDK and I've hit a brick wall trying to create a new Splunk user.

Ideally when a user account is created in my app, a corresponding account should be created in Splunk with the same credentials.

I've read up on the REST documentation and found the correct Endpoint - authentication/users/ but as far as I can tell the PHP SDK does not support creating an Entity that is not part of a Collection as Splunk_Entity does not have a create() method.

I have successfully created dashboards using the SDK which are Splunk_Collection objects, and gathered system info from server/info as a Splunk_Entity.

I have attempted to create a user by using create() on a Splunk_Collection, but as authentication/users does not have a namespace when the collection is returned a fatal is thrown attempting to check the non-existent namespace:

Fatal error: Call to a member function children() on a non-object in /var/www/html/dev/plugins/splunk_connector/sdk/Splunk/AtomFeed.php on line 45

In summary, my questions are:

  • How (if at all) can I create an Entity using the PHP SDK?
  • How do I create a User using the authenticaiton/users Endpoint?
Tags (5)
0 Karma
Reply
1 Solution
Solved! Jump to solution
Solution

ztom
Explorer
‎08-07-2013 12:58 AM

Thanks!

I tried the code that you provided but encountered the same issue I highlighted before:

Fatal error: Call to a member function children() on a non-object in /var/www/html/dev/plugins/splunk_connector/sdk/Splunk/AtomFeed.php on line 45

After digging into the SDK I believe I've found the root cause of the issue:

Line 242 in Collection.php, in the create() function checks for an endpoint that doesn't return content by testing

if ($response->body === '')

The triple equals type check always fails because the empty Entity returned when creating a user returns an empty SimpleXMLElement Object ( ) instead of an empty string.

I don't have enough experience or exposure to the SDK to say this will fix all test cases, but changing to the use of empty() fixes the problem for me:

if ( empty($response->body) )

View solution in original post

0 Karma
Reply
Solved! Jump to solution

leordimalanta
Explorer
‎12-18-2013 07:11 PM

Hi Sir,

I'm sorry for asking this question if you don't mind, can you please give me some tips on how to generate dashboard using php sdk. I've been running in circles over this matter for days. Can you please help if it is ok.

Thank you in advance. ^^

0 Karma
Reply
Solved! Jump to solution
Solution

ztom
Explorer
‎08-07-2013 12:58 AM

Thanks!

I tried the code that you provided but encountered the same issue I highlighted before:

Fatal error: Call to a member function children() on a non-object in /var/www/html/dev/plugins/splunk_connector/sdk/Splunk/AtomFeed.php on line 45

After digging into the SDK I believe I've found the root cause of the issue:

Line 242 in Collection.php, in the create() function checks for an endpoint that doesn't return content by testing

if ($response->body === '')

The triple equals type check always fails because the empty Entity returned when creating a user returns an empty SimpleXMLElement Object ( ) instead of an empty string.

I don't have enough experience or exposure to the SDK to say this will fix all test cases, but changing to the use of empty() fixes the problem for me:

if ( empty($response->body) )
0 Karma
Reply
Solved! Jump to solution

fross_splunk
Splunk Employee
Splunk Employee
‎08-07-2013 10:57 AM

Ah. I'll file a bug so we can fix it for the next release.

0 Karma
Reply
Solved! Jump to solution

fross_splunk
Splunk Employee
Splunk Employee
‎08-06-2013 10:36 AM

Entities in Splunk are arranged into collections, and it is collections that have a create method. Even though the Splunk SDK for PHP doesn't have explicit support for users, it's a very regular collection (with the exception that usernames are case insensitive, so stick with all lowercase or it will get confused), and you can create a collection by hand.

So if you have a Splunk service object in $service, you can do

$userCollection = new Splunk_Collection($service, 'authentication/users/');
$user = $userCollection->create("my_new_user", array(
    "password" => "some_password",
    "roles" => array("user", "power")
));

(I haven't actually tried that since I don't have PHP installed on this machine, but it should be close.) This creates a user in Splunk and returns and entity that references it.

Reply
Get Updates on the Splunk Community!

Splunk Enterprise Security 8.0.2 Availability: On cloud and On-premise!

A few months ago, we released Splunk Enterprise Security 8.0 for our cloud customers. Today, we are excited to ...

Logs to Metrics

Logs and Metrics Logs are generally unstructured text or structured events emitted by applications and written ...

Developer Spotlight with Paul Stout

Welcome to our very first developer spotlight release series where we'll feature some awesome Splunk ...