Re: Using tokens in splunklib?

bojanz · ‎08-10-2013

Hi,

I'm writing a custom command that is supposed to do some actions on Splunk through its REST interface so I wanted to use the SDK.
However, I'm having problems authenticating with the session token. Here's the setup:

In commands.conf:

[mycommand]
filename = mycommand.py
generating = true
maxinputs = 1
stderr_dest = message
passauth = true

The code (auth part):

import splunklib.client as client
import splunk.Intersplunk as si

settings = dict()
records = si.readResults(settings = settings, has_header = True)

sKey = settings['sessionKey']

service = client.connect(token=sKey)
a = service.apps["search"]
st = a.state()

And I don't get anything back.
If I change the client.connect call to use hardcoded credentials it works without any problems.
In Splunk I'm logged in as admin.

Any idea why I can't pass tokens like this to the Service class?

David_Noble_at_ · ‎11-15-2013

Your configuration looks good. Assuming you've got a good session key client.connect should work. What value are you getting back from settings['sessionKey']?

Using tokens in splunklib?

[Puzzles] Solve, Learn, Repeat: Unmerging HTML Tables

Enterprise Security (ES) Essentials 8.3 is Now GA — Smarter Detections, Faster ...

AI for AppInspect

Join the Conversation

Using tokens in splunklib?

[Puzzles] Solve, Learn, Repeat: Unmerging HTML Tables

Enterprise Security (ES) Essentials 8.3 is Now GA — Smarter Detections, Faster ...

AI for AppInspect