Security
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

Using the AUTH LOGIN sessionkey with Curl SplunkAPI

admoseley
Explorer
‎05-09-2012 02:57 PM

I can successfully get a session key and capture it into a variable.. (using powershell)
What is the syntax for using the sessionkey to authenticate if I wanted to follow with a search command?

EX:
PS C:\Program Files\curl> [xml]$AuthKey = .\curl.exe -k https://splunkapi.localhost.com:8089/servicesNS/admin
/search/auth/login/ -d"username=username1" -d"password=password1"
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 118 100 80 100 38 146 69 --:--:-- --:--:-- --:--:-- 146
PS C:\Program Files\curl> $AuthKey.response.sessionKey
a72889e1846e16be2a2e0e707afcb2b6

I've looked at this but I see no specific example of the sessionkey being used.
http://dev.splunk.com/view/rest-api-overview/SP-CAAADP8

I've attempted several variations like this:
PS C:\Program Files\curl> .\curl -k https://splunkapi.localhost.com:8089/servicesNS/username/search/search/jobs -H"Authorization: Splunk $AuthKey.response.sessionKey" --data-urlencode search="|savedsearch test_saved_search"

thanks.

Reply
1 Solution
Solved! Jump to solution
Solution

admoseley
Explorer
‎05-10-2012 01:56 PM

Finally found an example on http://stackoverflow.com/questions/3044315/how-to-set-the-authorization-header-using-curl

Turns out I was missing the space after the -H
curl -H "Authorization: OAuth " http://www.example.com

I hope this helps any new to this like I am!

View solution in original post

Reply
Solved! Jump to solution

arahut_splunk
Splunk Employee
Splunk Employee
‎02-11-2014 10:15 AM

curl -k -u admin:changeme https://foobar:8101/services/auth/login -d username=admin -d password=changeme

2b8868fe198cf1203256e6af6515bfad

curl -k -H "Authorization: Splunk 2b8868fe198cf1203256e6af6515bfad" https://foobar:8101/services/search/jobs | less

succeeds... OUTPUT below

0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0<?xml version="1.0" encoding="UTF-8"?>
<!--This is to override browser formatting; see server.conf[httpServer] to disable. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .-->
<?xml-stylesheet type="text/xml" href="/static/atom.xsl"?>

jobs
https://foobar:8101/services/search/jobs
2014-02-11T10:13:55-08:00


Splunk

opensearch:totalResults7/opensearch:totalResults
opensearch:itemsPerPage0/opensearch:itemsPerPage
opensearch:startIndex0/opensearch:startIndex
{snipped}

Reply
Solved! Jump to solution
Solution

admoseley
Explorer
‎05-10-2012 01:56 PM

Finally found an example on http://stackoverflow.com/questions/3044315/how-to-set-the-authorization-header-using-curl

Turns out I was missing the space after the -H
curl -H "Authorization: OAuth " http://www.example.com

I hope this helps any new to this like I am!

Reply
Get Updates on the Splunk Community!

Splunk Classroom Chronicles: Training Tales and Testimonials (Episode 3)

Welcome back to Splunk Classroom Chronicles, our ongoing blog series that pulls back the curtain on Splunk ...

Operationalizing TDIR: Building a More Resilient, Scalable SOC

Optimizing SOC workflows with a unified, risk-based approach to Threat Detection, Investigation, and Response ...

Almost Too Eventful Assurance: Part 1

Modern IT and Network teams still struggle with too many alerts and isolating issues before they are notified. ...