Splunk Dev

Using Splunk REST API to run a search giving "401 Unauthorized Error"

hiteshkanchan
Communicator

I am using REST API from python script and use the following link as an example

http://blogs.splunk.com/2011/08/02/splunk-rest-api-is-easy-to-use/comment-page-1/#comment-63962

But I am getting some error when i run this.
The Error in Step 3 is the following.

**====>sid: 1335953526.93 <====

/services/search/jobs/1335953526.93/

Traceback (most recent call last):
File “C:/Python2.7/Examples/diveintopython-examples-5.4/diveintopython-5.4/py/login_script.py”, line 67, in

isdonestatus = isdonestatus.search(searchstatus).groups()[0]

AttributeError: ‘NoneType’ object has no attribute ‘groups’

**

And if I skip Step 3 and execute Step 4 i get the following "401 Unauthorized" error

e1e8a79b76386f63cf2e692562b52baf

====>sid: 1335953707.93 <====

====>search result: [401 Unauthorized.] <====

Can you help me resolve this?

Tags (1)
0 Karma
1 Solution

hiteshkanchan
Communicator

This problem comes due to authentication problem. Once we set proper aothorization it gets resolved

View solution in original post

0 Karma

hiteshkanchan
Communicator

This problem comes due to authentication problem. Once we set proper aothorization it gets resolved

0 Karma

hiteshkanchan
Communicator

The sid is returned properly in step 2 but the step 3 below fails
giving the error "AttributeError: ‘NoneType’ object has no attribute ‘groups’"

Step 3: Get the search status

myhttp.add_credentials(username, password)

servicessearchstatusstr = '/services/search/jobs/%s/' % sid

isnotdone = True

while isnotdone:

    searchstatus = myhttp.request(baseurl + servicessearchstatusstr, 'GET')[1]
    isdonestatus = re.compile('isDone">(0|1)')
    isdonestatus = isdonestatus.search(searchstatus).groups()[0]
    if (isdonestatus == '1'):
        isnotdone = False
print "====>search status:  %s  <====" % isdonestatus
0 Karma
Get Updates on the Splunk Community!

.conf24 | Day 0

Hello Splunk Community! My name is Chris, and I'm based in Canberra, Australia's capital, and I travelled for ...

Enhance Security Visibility with Splunk Enterprise Security 7.1 through Threat ...

 (view in My Videos)Struggling with alert fatigue, lack of context, and prioritization around security ...

Troubleshooting the OpenTelemetry Collector

  In this tech talk, you’ll learn how to troubleshoot the OpenTelemetry collector - from checking the ...