×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question
rsarode
Engager
Member since: ‎04-11-2017
‎06-05-2020
Community Statistics
Posts 1
Solutions 0
Karma Given 0
Karma Received 1
Member Since ‎04-11-2017
Activity Feed
View All

POST HTTP event to splunk : call not properly aut...

by in Security
‎04-11-2017 03:21 PM
1 Karma
‎04-11-2017 03:21 PM
1 Karma
Trying to POST events to splunk using HTTP. This local on prem splunk installation. For now I am getting this - rsarode-mac:splunk rugvedsarode$ curl -k -H "Authorization: Splunk <MY-TOKEN-ID> https://localhost:8001/services/collector/event -d '{"event":"hello world"}' <?xml version="1.0" encoding="UTF-8"?> <response> <messages> <msg type="WARN">call not properly authenticated</msg> </messages> </response> I saw this but it did not help - https://answers.splunk.com/answers/406291/using-java-to-make-a-rest-api-call-to-splunk-why-a.html?utm_source=typeahead&utm_medium=newquestion&utm_campaign=no_votes_sort_relev I even tried to add "-u admin:". But still same issue. Note my - mgmtHostPort = 127.0.0.1:8001 Furthermore, what is the corresponding header key value for curl "-k" option? Like we have Content-Type: text/xml; OR Connection: Keep-Alive; ... View more
Contact Me
Online Status
Offline
Date Last Visited
‎06-05-2020 02:03 AM
Karma from
View All