I m trying to login splunk using my sc_admin user through shell script where i want to login and fetch the logs according to the string which i will give but it is failing could you please help me for the same script: #!/bin/bash
# Splunk API endpoint
SPLUNK_URL="https://prd-p-cbutz.splunkcloud.com:8089"
# Splunk username and password
USERNAME=$Username
PASSWORD=$Password
# Search query to retrieve error messages (modify this as needed)
SEARCH_QUERY="sourcetype=error"
# Maximum number of results to retrieve
MAX_RESULTS=10
response=$(curl -k -s -v -u "$USERNAME:$PASSWORD" "$SPLUNK_URL/services/auth/login" -d "username=$USERNAME&password=$PASSWORD")
echo "Response from login endpoint: $response"
# Authenticate with Splunk and obtain a session token
#SESSION_TOKEN=$(curl -k -s -u "$USERNAME:$PASSWORD" "$SPLUNK_URL/services/auth/login" -d "username=$USERNAME&password=$PASSWORD" | xmllint --xpath "//response/sessionKey/text()" -)
SESSION_TOKEN=$(curl -k -s -v -u "$USERNAME:$PASSWORD" "$SPLUNK_URL/services/auth/login" -d "username=$USERNAME&password=$PASSWORD" | grep -oP '<sessionKey>\K[^<]+' | awk '{print $1}')
if [ -z "$SESSION_TOKEN" ]; then
echo "Failed to obtain a session token. Check your credentials or Splunk URL."
exit 1
fi
# Perform a search and retrieve error messages
SEARCH_RESULTS=$(curl -k -s -u ":$SESSION_TOKEN" "$SPLUNK_URL/services/search/jobs/export" -d "search=$SEARCH_QUERY" -d "count=$MAX_RESULTS")
# Check for errors in the search results
if [[ $SEARCH_RESULTS == *"ERROR"* ]]; then
echo "Error occurred while fetching search results:"
echo "$SEARCH_RESULTS"
exit 1
fi
# Parse the JSON results and extract relevant information
echo "Splunk Error Messages:"
echo "$SEARCH_RESULTS" | jq -r '.result | .[] | .sourcetype + ": " + .message'
# Clean up: Delete the search job
curl -k -u ":$SESSION_TOKEN" "$SPLUNK_URL/services/search/jobs" -X DELETE
# Logout: Terminate the session
curl -k -u ":$SESSION_TOKEN" "$SPLUNK_URL/services/auth/logout"
exit 0 even i m also not sure about is i m using the correct port number or not error: $ bash abc.sh * Trying 44.196.237.135:8089... * connect to 44.196.237.135 port 8089 failed: Timed out * Failed to connect to prd-p-cbutz.splunkcloud.com port 8089 after 21335 ms: Couldn't connect to server * Closing connection 0 Response from login endpoint: * Trying 44.196.237.135:8089... * connect to 44.196.237.135 port 8089 failed: Timed out * Failed to connect to prd-p-cbutz.splunkcloud.com port 8089 after 21085 ms: Couldn't connect to server * Closing connection 0 Failed to obtain a session token. Check your credentials or Splunk URL.
... View more