Splunk Dev
×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
Ask a Question

Unable to reference .splunkrc file from Splunk Python SDK

nsshey
Explorer
‎12-13-2016 02:47 PM

I created the .splunkrc file and correctly stored it in C:\Users\username.splunkrc
I filled it out with correct credentials.

1) I am trying to access KV store (the credentials work when I enter via cmd line but not when using .splunkrc😞

opts = parse(sys.argv[1:], {}, ".splunkrc")
opts.kwargs["owner"] = "nobody"
opts.kwargs["app"] = "search"
service = client.connect(**opts.kwargs)

I get this error: socket.error: [Errno 10061] No connection could be made because the target machine actively refused it

2) How do I use the .splunkrc for a regular search query connect? I am currently doing this (hardcoded data):

# Create a Service instance and log in 
service = client.connect(
    host=HOST,
    port=PORT,
    username=USERNAME,
    password=PASSWORD)
0 Karma
Reply

jwalthour
Communicator
‎09-20-2017 09:44 AM

Create a file called ".splunkrc" with the following in your $HOME directory:

host=localhost
port=8089
username=restclient
password=splunkC0der

Then, run the following as your splunk user:

splunk add user restclient -password "splunkC0der" -full-name 'REST client' -role admin

Finally, you should be able to create the following login.py file:

import splunklib.client as client
import sys

if len(sys.argv) != 5:
        print "Syntax: login.py username password hostname port"
        sys.exit()

uid  = sys.argv[1];
pwd  = sys.argv[2];
host = sys.argv[3];
port = sys.argv[4];

try:
        service = client.connect(host=host, port=port, username=uid, password=pwd)

        print
        print 'Authenticated, token = [%s]' % service.token
        print

        service.logout()

except Exception, err:
        sys.stderr.write('\nError: %s\n\n' % str(err))

and run it successfully:

python login.py
0 Karma
Reply

Ralf
Explorer
‎09-16-2020 02:15 AM

Hi jwalthour,

I'm new here and found your response here in community (even when far in the past) as I have same issue that .splunkrc file is not recognized.
My understanding was, that if I have this file correctly setup and stored, I do not need to enter any login data
to any Python script at all.

But if I understood your Python example correctly, it ask actively to enter credentials and host/port 
when I execute login.py

 

0 Karma
Reply
Got questions? Get answers!

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Meet up IRL or virtually!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

Get Updates on the Splunk Community!

Deep insights, no barriers: Splunk Observability Cloud Free Edition

As software delivery cycles continue to accelerate, observability shouldn’t be a luxury — it should be a ...

Monitoring AI Agents with Splunk Observability Cloud

Let’s say I’m running a travel planning AI app in production. A user asks for three concise hotel options in ...

[Puzzles] Solve, Learn, Repeat: Tiling

This puzzle (first published here) is based on finding groups of tessellated tiles (inspired by floor tiles I ...