Hello!
How are you?
We are currently working on an integration with Splunk Cloud to be able to retrieve a set of data that we persist in an index and then we search to generate a table.
For this, we need to use the Splunk Cloud API from another of our developments.
We generate a new local user on the platform and assign it a new role with 'search' permission on the index we need to query.
Then, we perform this test call from our computer:
curl -v -u username:p455w0rd -k https://<organization>.splunkcloud.com:8089/services/search/jobs -d search='index="index_to_query" rule="inventory" | stats count by rawData.Association.asset | sort - count'
but the response we get is as follows:
* Trying <IP>:8089....
* connect to <IP> port 8089 failed: Operation timed out
* Failed to connect to <organization>.splunkcloud.com port 8089 after 75195 ms: Couldn't connect to server
We investigated in Splunk forums and found that it could be caused by a Splunk Cloud restriction, and that apparently we could solve it by adding the subnets from where we do the consumption in: https://<organization>.splunkcloud.com/en-GB/manager/system/manage_system_config/ip_allow_list
We tried that but we're getting the same error message 😞
Have you faced this in the past?
Thank you very much!
Regards,
Juanma
Hi @jalbarracinklar ,
one of my customers had the same issue; they opened a ticket with Splunk Support and it was quickly solved.
Ciao.
Giuseppe
Grazie Giuseppe!
We're gonna try that 🙂
Verify your network allows connections *out* to your Splunk Cloud stack's port 8089.
This is going through the Internet and from different places, so we don't have a FW blocking our traffic at the moment 😞
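
An outbound check for the port 8089 connection discussed in this thread, as an added example that is not part of any post above and not Splunk tooling: it separates a silent drop (the timeout curl reported) from a refused connection and from a working TCP path. The function names, hint wording and the host passed on the command line are assumptions of this example.

```python
import socket
import sys

# What each outcome suggests; the wording is this example's, not Splunk's.
HINTS = {
    "dns_failure": "hostname did not resolve; check the stack name and DNS",
    "timeout": "no answer at all: packets are dropped on the path, e.g. an "
               "outbound filter or a source IP missing from the allow list",
    "refused": "host reachable but nothing listening on that port",
    "unreachable": "local routing or network error before reaching the host",
    "open": "TCP works; any remaining failure is TLS or authentication",
}

def probe_tcp(host, port=8089, timeout=5.0):
    """Try a plain TCP connect and return a key of HINTS."""
    try:
        infos = socket.getaddrinfo(host, port, type=socket.SOCK_STREAM)
    except socket.gaierror:
        return "dns_failure"
    result = "unreachable"
    for family, socktype, proto, _canon, addr in infos:
        sock = socket.socket(family, socktype, proto)
        sock.settimeout(timeout)
        try:
            sock.connect(addr)
            return "open"            # first address that answers is enough
        except socket.timeout:
            result = "timeout"       # SYN sent, nothing came back
        except ConnectionRefusedError:
            result = "refused"       # RST received: path is fine, port closed
        except OSError:
            result = "unreachable"
        finally:
            sock.close()
    return result

def diagnose(host, port=8089, timeout=5.0):
    """Return (status, hint) for one host/port."""
    status = probe_tcp(host, port, timeout)
    return status, HINTS[status]

if __name__ == "__main__":
    # Usage: python probe.py <stack-hostname>; the hostname is supplied by you.
    target = sys.argv[1] if len(sys.argv) > 1 else "localhost"
    print(target, *diagnose(target))
```

Run it from each network the integration will call from, since the result depends on the source address the remote side sees.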