New to Splunk and Python... Trying to get up and running with the Python SDK. Installed the SDK for Python libraries, and modified the splunk-sdk-python-master/examples/abc/a.py
file with values that work to log in to our Enterprise installation via the web:
import httplib
#etc
HOST = "54.xxx.xxx.xxx"
PORT = 8000
USERNAME = "my-username"
PASSWORD = "my-password"
#etc etc
When I run this from the terminal with
python a.py
I get the following error:
Traceback (most recent call last):
File "/Users/ben/Desktop/splunk-sdk-python-master/examples/abc/a.py", line 38, in <module>
connection.request("POST", "/services/auth/login", body, headers)
File "/Users/ben/anaconda/lib/python2.7/httplib.py", line 1001, in request
self._send_request(method, url, body, headers)
File "/Users/ben/anaconda/lib/python2.7/httplib.py", line 1035, in _send_request
self.endheaders(body)
File "/Users/ben/anaconda/lib/python2.7/httplib.py", line 997, in endheaders
self._send_output(message_body)
File "/Users/ben/anaconda/lib/python2.7/httplib.py", line 850, in _send_output
self.send(msg)
File "/Users/ben/anaconda/lib/python2.7/httplib.py", line 812, in send
self.connect()
File "/Users/ben/anaconda/lib/python2.7/httplib.py", line 1212, in connect
server_hostname=server_hostname)
File "/Users/ben/anaconda/lib/python2.7/ssl.py", line 350, in wrap_socket
_context=self)
File "/Users/ben/anaconda/lib/python2.7/ssl.py", line 566, in __init__
self.do_handshake()
File "/Users/ben/anaconda/lib/python2.7/ssl.py", line 788, in do_handshake
self._sslobj.do_handshake()
ssl.SSLError: [SSL: UNKNOWN_PROTOCOL] unknown protocol (_ssl.c:581)
Can anyone suggest what I might be doing wrong? Thanks!
I'm getting exactly the same issue. From 2.7.10 not working, downgraded to 2.7.6, to a.py not working and c.py working. Ports and credentials checked.
OK, folks—I think I figured a few things out here. Thank you to all of you who suggested using port 8089 instead of 8000. That was certainly part of the problem.
The two other problems I've identified are:
c.py
example (with port 8089) under Python v2.7.8, I was able to get it to work—it connects and returns the list of installed apps as expected.The a.py
example, however, seems to have another problem. With the same login credentials, port, and in the same environment, it returns this error:
(splunksnake)Bens-MacBook-Pro-2:~ ben$ python /Users/ben/Desktop/splunk-sdk-python-master\ 2/examples/abc/a.py
Traceback (most recent call last):
File "/Users/ben/Desktop/splunk-sdk-python-master 2/examples/abc/a.py", line 45, in
sessionKey = ElementTree.XML(body).findtext("./sessionKey")
File "/Users/ben/anaconda/envs/splunksnake/lib/python2.7/xml/etree/ElementTree.py", line 1301, in XML
return parser.close()
File "/Users/ben/anaconda/envs/splunksnake/lib/python2.7/xml/etree/ElementTree.py", line 1654, in close
self._raiseerror(v)
File "/Users/ben/anaconda/envs/splunksnake/lib/python2.7/xml/etree/ElementTree.py", line 1506, in _raiseerror
raise err
xml.etree.ElementTree.ParseError: no element found: line 1, column 0
Using curl
from the terminal, I can see the Splunk instance is returning a sessionKey, so perhaps there is an issue with the way that key is being handled.
Anyway, thanks again for your help sorting this out!
PORT = 8000
That is the wrong port.
The SplunkD Management port is 8089 by default (as per what is actually in the a.py example).
PORT = 8089
Make sure you are using the right port for your instance.
Ah, OK. The port 8000 works for accessing the instance through the web interface. Should I use a different port for access via the Python SDK?
Can you try 8089
OK, I tried port 8089—it still fails at line 38, but the error message is now:
ssl.SSLError: [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed (_ssl.c:581)
Are you using a self-signed cert? Keystore up to date?
I don't know—let me find out. Thank you for the suggestion!
Should be the Splunk management port, 8089
http://dev.splunk.com/view/python-sdk/SP-CAAAEFC
The rest of the file is as downloaded from the SDK for Splunk. Here's the file in its entirety, as used, except for the server/login credentials:
# Copyright 2011-2014 Splunk, Inc.
#
# Licensed under the Apache License, Version 2.0 (the "License"): you may
# not use this file except in compliance with the License. You may obtain
# a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
# WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
# License for the specific language governing permissions and limitations
# under the License.
"""Retrieves a list of installed apps from Splunk by making REST API calls
using Python's httplib module."""
import httplib
import urllib
from xml.etree import ElementTree
HOST = "54.xxx.xxx.xxx"
PORT = 8000
USERNAME = "my-username"
PASSWORD = "my-password"
# Present credentials to Splunk and retrieve the session key
connection = httplib.HTTPSConnection(HOST, PORT)
body = urllib.urlencode({'username': USERNAME, 'password': PASSWORD})
headers = {
'Content-Type': "application/x-www-form-urlencoded",
'Content-Length': str(len(body)),
'Host': HOST,
'User-Agent': "a.py/1.0",
'Accept': "*/*"
}
try:
connection.request("POST", "/services/auth/login", body, headers)
response = connection.getresponse()
finally:
connection.close()
if response.status != 200:
raise Exception, "%d (%s)" % (response.status, response.reason)
body = response.read()
sessionKey = ElementTree.XML(body).findtext("./sessionKey")
# Now make the request to Splunk for list of installed apps
connection = httplib.HTTPSConnection(HOST, PORT)
headers = {
'Content-Length': "0",
'Host': HOST,
'User-Agent': "a.py/1.0",
'Accept': "*/*",
'Authorization': "Splunk %s" % sessionKey,
}
try:
connection.request("GET", "/services/apps/local", "", headers)
response = connection.getresponse()
finally:
connection.close()
if response.status != 200:
raise Exception, "%d (%s)" % (response.status, response.reason)
body = response.read()
data = ElementTree.XML(body)
apps = data.findall("{http://www.w3.org/2005/Atom}entry/{http://www.w3.org/2005/Atom}title")
for app in apps:
print app.text
Can you please copy some code from a.py file, specially some code around line 38 (few lines above and below).
File "/Users/ben/Desktop/splunk-sdk-python-master/examples/abc/a.py", line 38, in
connection.request("POST", "/services/auth/login", body, headers)