- Find Answers
- :
- Splunk Administration
- :
- Admin Other
- :
- Security
- :
- Gettting 404 error while trying to create an acces...
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark Topic
- Subscribe to Topic
- Mute Topic
- Printer Friendly Page
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
curl command :
curl -k -u admin:Password -X POST http://127.0.0.1:8000/en-US/services/authorization/tokens?output_mode=json --data name=admin --data audience=Users --data-urlencode expires_on=+30d
But I am able to login via UI and create an access token.
If I try to do the same using curl command, I am getting the below response.
Note: The response has been trimmed.
<div class="error-message">
<h1 data-role="error-title">Oops.</h1>
<p data-role="error-message">Page not found! Click <a href="/" data-role="return-to-splunk-home">here</a> to return to Splunk homepage.</p>
</div>
</div>
</div>
<div class="message-wrapper">
<div class="message-container fixed-width" data-role="more-results"><a href="/en-US/app/search/search?q=index%3D_internal%20host%3D%22f6xffpvw93.corp.com%2A%22%20source%3D%2Aweb_service.log%20log_level%3DERROR%20requestid%3D6740cfffb611125b5e0" target="_blank">View more information about your request (request ID = 6740cfffb611125b5e0) in Search</a></div>
<div class="message-container fixed-width" data-role="crashes"></div>
<div class="message-container fixed-width" data-role="refferer"></div>
<div class="message-container fixed-width" data-role="debug"></div>
<div class="message-container fixed-width" data-role="byline">
<p class="byline">.</p>
</div>
</div>
</body>
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
To use the API to create access tokens, you need to use the management port (8089) not the web interface port (8000). You also need to remove the localization (en-US) part of your path.
It should be:
curl -k -u admin:Password -X POST http://127.0.0.1:8089/services/authorization/tokens?output_mode=json --data name=admin --data audience=Users --data-urlencode expires_on=+30dI also suggest using https:// instead of http:// . You don't want your token to be visible in plaintext over the network.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
To use the API to create access tokens, you need to use the management port (8089) not the web interface port (8000). You also need to remove the localization (en-US) part of your path.
It should be:
curl -k -u admin:Password -X POST http://127.0.0.1:8089/services/authorization/tokens?output_mode=json --data name=admin --data audience=Users --data-urlencode expires_on=+30dI also suggest using https:// instead of http:// . You don't want your token to be visible in plaintext over the network.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Thanks a lot Marnall. That worked.
Infographic provides the TL;DR for the 2024 Splunk Career Impact Report
Enterprise Security Content Update (ESCU) | New Releases
Why am I not seeing the finding in Splunk Enterprise Security Analyst Queue?
