Solved: SPL | REST command does not work when non-Admin

simpkins1958 · ‎07-30-2019

User with these capabilities fails, but ADMIN user works.

This SPL works fine when logged in as ADMIN, but does not work when logged in as a poweruser account. What capabilities do I need to turn on for user when not ADMIN?

Failed to fetch REST endpoint uri=https://127.0.0.1:8089/services/authentication/httpauth-tokens?count=0 from server https://127.0.0.1:8089. Check that the URI path provided exists in the REST API.

renjith_nair · ‎07-30-2019

@simpkins1958 ,

For the specific rest endpoint you are using, you should add list_httpauths in addition to the rest_properties_get

Details in : https://docs.splunk.com/Documentation/Splunk/7.3.0/Security/Rolesandcapabilities

View solution in original post

renjith_nair · ‎07-30-2019

@simpkins1958 ,

For the specific rest endpoint you are using, you should add list_httpauths in addition to the rest_properties_get

Details in : https://docs.splunk.com/Documentation/Splunk/7.3.0/Security/Rolesandcapabilities

View solution in original post

renjith_nair · ‎07-30-2019

@simpkins1958 ,

rest_properties_get should be enough if you want to use GET

Reference : https://docs.splunk.com/Documentation/Splunk/7.3.0/Security/Rolesandcapabilities

simpkins1958 · ‎07-30-2019

rest_properties_get has been enabled and still not working.

SPL | REST command does not work when non-Admin

Access the Splunk Careers Report to see real data that shows how Splunk mastery increases your value and job satisfaction.Find out what your skills are worth! Read the report >

Access the Splunk Careers Report to see real data that shows how Splunk mastery increases your value and job satisfaction.

Find out what your skills are worth!

Read the report >