Splunk Dev
×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
Ask a Question

How to connect to management port REST API from the Python Module which sits in controller directory?

kartik13
Communicator
‎11-29-2016 03:35 AM

I am stuck at one point where i have to make a POST request from the UI to management port API. Now i cannot do that as i need session token and have to allow the Splunk server to accept any request from the IP, which is not an efficient way. So i want to make a REST Request to the custom URL, which in turn should make request the Splunk webserver. I have to do it with Python, but the only concern is how can i make the custom URL in the existing app and handle it ,

i am making the ajax request at /custom/app_name/module/function

and in the controller i have a function defined, but still i am not able to get success.

Any sort of help will be appreciated.

Thanks

0 Karma
Reply

gjanders
SplunkTrust
SplunkTrust
‎11-29-2016 11:31 PM

So to use the REST interface with python perhaps something like this.

The below code is partially based on the "Splunk REST API is easy to use" blog post , and also on some other documentation on the Splunk website:

import urllib
import urllib2
import ssl
import base64

#Send a request using a POST command to the required URL
#SSL checking is disabled due to use of the self-signed certificates
def sendrequest(values, server, url):
    ctx = ssl.create_default_context()
    ctx.check_hostname = False
    ctx.verify_mode = ssl.CERT_NONE
    data = urllib.urlencode(values)
    req = urllib2.Request(server + url, data)

    req.add_header("Authorization", "Basic %s" % base64string)
    response = urllib2.urlopen(req, context=ctx)
    the_page = response.read()


username = "username"
password = "<yourpassword>"
base64string = base64.encodestring('%s:%s' % (username, password)).replace('\n', '')
server = "https://localhost:8089/"
url = "/servicesNS/nobody/<app...>"

#Create the Oracle_SIEMUser_ChangePassword identity with username SIEM_USER
values = {"parameter1" : "value1",
}

#Actually run the HTTP request
sendrequest(values, server, url)

I normally determine the endpoint by hitting:
https://:8089/servicesNS/nobody

And then determining where I should go, there is likely a better way to do it !

-
Alerts for Splunk Admins, Version Control for Splunk, Decrypt2 VersionControl For SplunkCloud
0 Karma
Reply
Got questions? Get answers!

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Meet up IRL or virtually!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

Get Updates on the Splunk Community!

[Puzzles] Solve, Learn, Repeat: Character substitutions with Regular Expressions

This challenge was first posted on Slack #puzzles channelFor BORE at .conf23, we had a puzzle question which ...

Splunk Community Badges!

  Hey everyone! Ready to earn some serious bragging rights in the community? Along with our existing badges ...

[Puzzles] Solve, Learn, Repeat: Matching cron expressions

This puzzle (first published here) is based on matching timestamps to cron expressions.All the timestamps ...