Splunk Dev
×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
Ask a Question

How to log in to Splunk using the Splunk Python SDK?

reachvgupta
New Member
‎04-16-2015 10:39 PM

I am trying to log in and search users from a windows machine on Splunk server using Splunk python SDK over HTTP, but getting some errors. Please find Logs below ( HTTP Request / Response ) .

c:\Users\vgupta13\Downloads\splunk-sdk-python-master\examples>C:\Python27\python.exe search.py "search vgupta13 " --output_mode=csv --verbose=verbose
{'body': 'username=vgupta13&password=*******', 'headers': [('Content-Type', 'application/x-www-form-urlencoded')], 'method': 'POST'}

send: 'POST /services/auth/login HTTP/1.1\r\nAccept-Encoding: identity\r\nContent-Length: 35\r\nContent-Type: application/x-www-form-urlencoded\r\nHost: ficcspl
unk\r\nAccept: */*\r\nUser-Agent: splunk-sdk-python/0.1\r\n\r\nusername=vgupta13&password=*******'
Get the response from the server.
HTTPResponse init
------------------begin
reply: 'HTTP/1.1 303 See Other\r\n'
header: Server: CherryPy/3.1.2
header: Location: http://splunkserver/en-US/services/auth/login
header: Content-Type: text/html;charset=utf-8
header: Content-Length: 132
header: Date: Mon, 13 Apr 2015 12:02:52 GMT
header: Set-Cookie: session_id_8000=4f0020a7bf9fe5c60abcddbdf6a6e037a4a3d35a; expires=Tue, 21 Apr 2015 12:02:52 GMT; httponly; Path=/




send: 'GET /servicesNS/nobody/alert/search/parser?q=search+vgupta13+&parse_only=True HTTP/1.1\r\nAccept-Encoding: identity\r\nContent-Length: 0\r\nHost: ficcspl
unk\r\nAccept: */*\r\nUser-Agent: splunk-sdk-python/0.1\r\n\r\n'
***Get the response from the server.***
HTTPResponse init
------------------begin
reply: 'HTTP/1.1 303 See Other\r\n'
header: Server: CherryPy/3.1.2
header: Location: http://splunkserver/en-US/servicesNS/nobody/alert/search/parser?q=search+vgupta13+&parse_only=True
header: Content-Type: text/html;charset=utf-8
header: Content-Length: 246
header: Date: Mon, 13 Apr 2015 12:02:52 GMT
header: Set-Cookie: session_id_8000=79ff553379c53a3dac1846f27c065d3561cd3f3c; expires=Tue, 21 Apr 2015 12:02:52 GMT; httponly; Path=/


{'body': 'search=search+vgupta13+', 'headers': [('Content-Type', 'application/x-www-form-urlencoded')], 'method': 'POST'}

send: 'POST /servicesNS/nobody/alert/search/jobs/ HTTP/1.1\r\nAccept-Encoding: identity\r\nContent-Length: 23\r\nContent-Type: application/x-www-form-urlencoded
\r\nHost: splunkserver\r\nAccept: */*\r\nUser-Agent: splunk-sdk-python/0.1\r\n\r\nsearch=search+vgupta13+'
Get the response from the server.
HTTPResponse init
------------------begin
reply: 'HTTP/1.1 303 See Other\r\n'
header: Server: CherryPy/3.1.2
header: Location: http://splunkserver/en-US/servicesNS/nobody/alert/search/jobs
header: Content-Type: text/html;charset=utf-8
header: Content-Length: 164
header: Date: Mon, 13 Apr 2015 12:02:53 GMT
header: Set-Cookie: session_id_8000=d67ebfa9d64e26c2be64a6943b6d93abc5839d5e; expires=Tue, 21 Apr 2015 12:02:53 GMT; httponly; Path=/


self.fp
Traceback (most recent call last):
  File "search.py", line 115, in 
    main(sys.argv[1:])
  File "search.py", line 80, in main
    job = service.jobs.create(search, **kwargs_create)
  File "..\splunklib\client.py", line 2882, in create
    sid = _load_sid(response)
  File "..\splunklib\client.py", line 221, in _load_sid
    return _load_atom(response).response.sid
AttributeError: 'NoneType' object has no attribute 'response'
0 Karma
Reply

paramagurukarth
Builder
‎04-17-2015 03:03 AM

Please try the below

 import splunklib.client as client

    class RestController():
        HOST = "localhose"
        PORT = 8089
        USERNAME = "userName"
        PASSWORD = "password"

        currentUser =""


        def getService(self):        
            return client.connect(host=self.HOST,port=self.PORT,username=self.USERNAME,password=self.PASSWORD)


    mani = RestController()
    service = mani.getService()
    users = service.users
    for user in users:
        print user.name
0 Karma
Reply

paramagurukarth
Builder
‎04-17-2015 03:05 AM

To do other items .. have a look into you splunklib.Cline.py's Service class

0 Karma
Reply

reachvgupta
New Member
‎04-29-2015 11:12 PM

Its giving me same Error.... as Above 😞

0 Karma
Reply

reachvgupta
New Member
‎04-29-2015 11:13 PM

Traceback (most recent call last):
File "testlogin.py", line 15, in
for user in users:
File "C:\Python27\lib\site-packages\splunklib\client.py", line 1218, in iter
for item in self.iter(**kwargs):
File "C:\Python27\lib\site-packages\splunklib\client.py", line 1382, in iter
items = self._load_list(response)
File "C:\Python27\lib\site-packages\splunklib\client.py", line 1288, in _load_list
entries = _load_atom_entries(response)
File "C:\Python27\lib\site-packages\splunklib\client.py", line 202, in _load_atom_entries
if 'feed' in r:
TypeError: argument of type 'NoneType' is not iterable

0 Karma
Reply

reachvgupta
New Member
‎04-17-2015 02:06 AM

I am stuck , can someone please have a look

0 Karma
Reply
Got questions? Get answers!

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Meet up IRL or virtually!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

Get Updates on the Splunk Community!

[Puzzles] Solve, Learn, Repeat: Character substitutions with Regular Expressions

This challenge was first posted on Slack #puzzles channelFor BORE at .conf23, we had a puzzle question which ...

Splunk Community Badges!

  Hey everyone! Ready to earn some serious bragging rights in the community? Along with our existing badges ...

[Puzzles] Solve, Learn, Repeat: Matching cron expressions

This puzzle (first published here) is based on matching timestamps to cron expressions.All the timestamps ...