Splunk Dev

Unable to reference .splunkrc file from Splunk Python SDK

nsshey
Explorer

I created the .splunkrc file and correctly stored it in C:\Users\username.splunkrc
I filled it out with correct credentials.

1) I am trying to access KV store (the credentials work when I enter via cmd line but not when using .splunkrc😞

opts = parse(sys.argv[1:], {}, ".splunkrc")
opts.kwargs["owner"] = "nobody"
opts.kwargs["app"] = "search"
service = client.connect(**opts.kwargs)

I get this error: socket.error: [Errno 10061] No connection could be made because the target machine actively refused it

2) How do I use the .splunkrc for a regular search query connect? I am currently doing this (hardcoded data):

# Create a Service instance and log in 
service = client.connect(
    host=HOST,
    port=PORT,
    username=USERNAME,
    password=PASSWORD)
0 Karma

jwalthour
Communicator

Create a file called ".splunkrc" with the following in your $HOME directory:

host=localhost
port=8089
username=restclient
password=splunkC0der

Then, run the following as your splunk user:

splunk add user restclient -password "splunkC0der" -full-name 'REST client' -role admin

Finally, you should be able to create the following login.py file:

import splunklib.client as client
import sys

if len(sys.argv) != 5:
        print "Syntax: login.py username password hostname port"
        sys.exit()

uid  = sys.argv[1];
pwd  = sys.argv[2];
host = sys.argv[3];
port = sys.argv[4];

try:
        service = client.connect(host=host, port=port, username=uid, password=pwd)

        print
        print 'Authenticated, token = [%s]' % service.token
        print

        service.logout()

except Exception, err:
        sys.stderr.write('\nError: %s\n\n' % str(err))

and run it successfully:

python login.py
0 Karma

Ralf
Explorer

Hi jwalthour,

I'm new here and found your response here in community (even when far in the past) as I have same issue that .splunkrc file is not recognized.
My understanding was, that if I have this file correctly setup and stored, I do not need to enter any login data
to any Python script at all.

But if I understood your Python example correctly, it ask actively to enter credentials and host/port 
when I execute login.py

 

0 Karma
Get Updates on the Splunk Community!

Leveraging Automated Threat Analysis Across the Splunk Ecosystem

Enhance Security Operations with Automated Threat Analysis in the Splunk EcosystemAre you leveraging ...

Splunk Developers: Go Beyond the Dashboard with These .Conf25 Sessions

  Whether you’re building custom apps, diving into SPL2, or integrating AI and machine learning into your ...

Index This | How do you write 23 only using the number 2?

July 2025 Edition Hayyy Splunk Education Enthusiasts and the Eternally Curious!  We’re back with this month’s ...