Splunk REST API with NodeJs: trouble getting start...

mattee1283 · ‎07-07-2021

I'm new to this, and would appreciate any help from someone who uses NodeJs with Splunk. I can successfully query past search jobs and details for a specific search job given the SID, but I can't create a search job or get a session key through the login link. Below is the code I have working so far, and after that I will show the code that is not working:

const url = 'https://mydomain:8089/services/search/jobs'
const auth = {
username: 'myusername',
password: 'mypassword',
}
axios.get(url, {auth})
.then((response) => {
// do something with the response ...
})
.catch((error) => {
// handle error ...
})

However, when I try to create a search job in a similar way, it does not work, and when I try to get a session key, it does not work. I will show both codes snippets. The following gives me a 401 Unauthorized:

const search = 'search mysearch'
const params = {search}
axios.post(url, {auth, params})
.then((response) => {
// do something with response ...
})
.catch((error) => {
// handle error ...
})

When I try to first get a session key, however, it gives me a 400 Bad Request:

const loginurl = 'https://mydomain:8089/services/auth/login'
axios.post(loginurl, {auth})
.then((response) => {
// do something with response ...
})
.catch((error) => {
// handle error ...
})

I've been banging my head against the wall with this. Any help is greatly appreciated!

Splunk REST API with NodeJs: trouble getting started creating a search job

search job inspector

.conf24 | Day 0

Enhance Security Visibility with Splunk Enterprise Security 7.1 through Threat ...

Troubleshooting the OpenTelemetry Collector