OK - This is starting to frustrate me.
I first tried the following command:
curl -k http://10.10.XX.XX:8088/services/collector/event -H "Authorization: Splunk my_correct_token" -d '{"event": "does this thing work"}'
and it works correctly and the event is received. Cool!
Then I saw the following blog post on building HTTP Events with Python and while I could get the code to execute without error. I could not get the system to receive the event.
Breaking down the event to its most basic components in Python 2.7 I wrote the following code
import requests
requests.post('http://10.10.XX.XX:8088/services/collector/event', headers={'Authorization': 'Splunk my_correct_token}, data = {"event": "through python -- again - does this thing work"})
print "does this thing work"
And while the code runs without error I am not receiving the events in Splunk.
Any ideas?
Thank you.
Here is my solution to the problem:
#!/usr/bin/python
import requests
import json
url='https://172.16.x.y:8088/services/collector/event'
authHeader = {'Authorization': 'Splunk super_sekrit'}
jsonDict = {"event": "through python -- again - does this thing work"}
r = requests.post(url, headers=authHeader, json=jsonDict, verify=False)
print r.text
Here is my solution to the problem:
#!/usr/bin/python
import requests
import json
url='https://172.16.x.y:8088/services/collector/event'
authHeader = {'Authorization': 'Splunk super_sekrit'}
jsonDict = {"event": "through python -- again - does this thing work"}
r = requests.post(url, headers=authHeader, json=jsonDict, verify=False)
print r.text
But how can you pass this kind of authorization ('Splunk super_sekrit') if I am using the Java Splunk sdk ? I can't set a header over there. so How can I pass over there?
This works great. And i like the fact that it separates the components needed. Thank you!