In case this helps someone in the future, I worked around the problem by cheating. I wrote a small script to manually authenticate and generate a session key. Then I replace the session key in the modinput config and pass it to the script in question.
So, to run it on the command line, I type:
"C:\Program Files\Splunk\bin\splunk" cmd splunkd print-modinput-config simpleinput simpleinput://evc | "c:\Program Files (x86)\Python36-32\python" C:\Utils\session_replacer.py | "C:\Program Files\Splunk\bin\splunk" cmd python "c:\Program Files\Splunk\etc\apps\simpleinput\bin\simpleinput.py"
Here's the content of the file session_replacer.py:
#!/usr/bin/env python
import sys
import re
import requests
import urllib3
urllib3.disable_warnings()
splunk_url = 'https://localhost:8089/services/auth/login'
username = 'admin'
password = 'changeme'
urllib3.disable_warnings()
session = requests.Session()
session.verify = False
form = {'username': username, 'password': password}
response = session.post(url=splunk_url, data=form, verify=False)
matches = re.search('<sessionKey>(.+)</sessionKey>', response.text, re.MULTILINE|re.DOTALL)
if matches is not None:
new_key = matches.group(1)
input = sys.stdin.read()
output = re.sub('<session_key>(.+)</session_key>','<session_key>{}</session_key>'.format(new_key), input, re.MULTILINE|re.DOTALL)
print(output)
... View more