Splunk Dev
×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

Need help getting basic requests.post to work for HTTP Event Collector with Python

voninski
New Member
‎09-04-2016 12:30 PM

OK - This is starting to frustrate me.

I first tried the following command:

curl -k  http://10.10.XX.XX:8088/services/collector/event -H "Authorization: Splunk my_correct_token" -d '{"event": "does this thing work"}'

and it works correctly and the event is received. Cool!

Then I saw the following blog post on building HTTP Events with Python and while I could get the code to execute without error. I could not get the system to receive the event.

Breaking down the event to its most basic components in Python 2.7 I wrote the following code

import requests

requests.post('http://10.10.XX.XX:8088/services/collector/event', headers={'Authorization': 'Splunk my_correct_token}, data = {"event": "through python -- again - does this thing work"})
print "does this thing work"

And while the code runs without error I am not receiving the events in Splunk.

Any ideas?

Thank you.

0 Karma
Reply
1 Solution
Solved! Jump to solution
Solution

icrushservers
Engager
‎10-20-2016 06:36 AM

Here is my solution to the problem:

#!/usr/bin/python

import requests
import json

url='https://172.16.x.y:8088/services/collector/event'
authHeader = {'Authorization': 'Splunk super_sekrit'}
jsonDict = {"event": "through python -- again - does this thing work"}

r = requests.post(url, headers=authHeader, json=jsonDict, verify=False)
print r.text

View solution in original post

Reply
Solved! Jump to solution
Solution

icrushservers
Engager
‎10-20-2016 06:36 AM

Here is my solution to the problem:

#!/usr/bin/python

import requests
import json

url='https://172.16.x.y:8088/services/collector/event'
authHeader = {'Authorization': 'Splunk super_sekrit'}
jsonDict = {"event": "through python -- again - does this thing work"}

r = requests.post(url, headers=authHeader, json=jsonDict, verify=False)
print r.text
Reply
Solved! Jump to solution

neeldesai1992
Path Finder
‎10-18-2017 09:57 AM

But how can you pass this kind of authorization ('Splunk super_sekrit') if I am using the Java Splunk sdk ? I can't set a header over there. so How can I pass over there?

0 Karma
Reply
Solved! Jump to solution

voninski
New Member
‎10-20-2016 07:13 AM

This works great. And i like the fact that it separates the components needed. Thank you!

0 Karma
Reply
Get Updates on the Splunk Community!

Splunkers, Pack Your Bags: Why Cisco Live EMEA is Your Next Big Destination

The Power of Two: Splunk + Cisco at "Ludicrous Scale"   You know Splunk. You know Cisco. But have you seen ...

Data Management Digest – January 2026

Welcome to the January 2026 edition of Data Management Digest! Welcome to the January 2026 edition of Data ...

Splunk SOAR Now Available on Google Cloud Platform

We’re excited to announce that Splunk SOAR is now natively available as a SaaS solution on Google Cloud ...