Unable to manipulate serverclass whitelist via REST

wegscd
Contributor

We're trying to script some whitelisting of hosts in serverclasses and hit a snag.

We create a test serverclass named 'posttest' with one app and nothing in the whitelist. When we try to add a host:

curl -x '' -k -u admin:xxxxxxx https://splunk-c-ds.local:8089/services/deployment/server/serverclasses/posttest -d whitelist.0=posted_host

we get this response

<?xml version="1.0" encoding="UTF-8"?>
<response>
  <messages>
    <msg type="ERROR">
 In handler 'serverclasses': bundle=serverclass stanza=serverClass:posttest The sourceApp=system doesn't equal callerApp=search</msg>
  </messages>
</response>

This appears to be the same issue seen by a212830 down in the notes for https://answers.splunk.com/answers/307335/why-am-i-getting-error-cannot-perform-action-post.html; there is no solution posted there.

We're running 6.3.0.1.

0 Karma

wegscd
Contributor

Found my own answer. The POST endpoint is not always /services/deployment/server/serverclasses/classname

It's different for the different serverclasses (depends on what application you were in when dropped into forwarder management and added the server class). When POSTing changes, you need to use the endpoint listed in the href for the <link> that has rel="edit"
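
The approach in this answer, as an added example that is not part of the original post: read the serverclass entry from a GET on the serverclasses endpoint, take the href of its rel="edit" link, and build the whitelist POST against that path. The sample response is constructed, and its `nobody`/`system` namespace is an assumption chosen to match the sourceApp in the error above.

```python
import urllib.parse
import xml.etree.ElementTree as ET

ATOM = "{http://www.w3.org/2005/Atom}"

# Constructed sample of the Atom feed returned by a GET on the serverclass.
# The owner/app in the hrefs ("nobody"/"system") are assumed values.
SAMPLE = """<feed xmlns="http://www.w3.org/2005/Atom">
  <title>serverclasses</title>
  <entry>
    <title>posttest</title>
    <link href="/servicesNS/nobody/system/deployment/server/serverclasses/posttest" rel="alternate"/>
    <link href="/servicesNS/nobody/system/deployment/server/serverclasses/posttest" rel="list"/>
    <link href="/servicesNS/nobody/system/deployment/server/serverclasses/posttest" rel="edit"/>
  </entry>
</feed>"""

def edit_href(atom_xml, serverclass):
    """Return the href of the rel="edit" link for the named serverclass entry."""
    root = ET.fromstring(atom_xml)
    for entry in root.iter(ATOM + "entry"):
        if entry.findtext(ATOM + "title") != serverclass:
            continue
        for link in entry.findall(ATOM + "link"):
            if link.get("rel") == "edit":
                return link.get("href")
        raise LookupError(f"{serverclass}: entry has no rel=edit link")
    raise LookupError(f"{serverclass}: entry not found")

def whitelist_post(base_url, atom_xml, serverclass, hosts):
    """Build (url, form body) for the whitelist POST against the edit endpoint."""
    href = edit_href(atom_xml, serverclass)
    # Only accept a server-relative REST path; never follow an absolute URL
    # taken from the response, since credentials are sent with the POST.
    if not href.startswith("/services"):
        raise ValueError(f"unexpected edit href: {href!r}")
    body = urllib.parse.urlencode(
        {f"whitelist.{i}": host for i, host in enumerate(hosts)})
    return base_url.rstrip("/") + href, body.encode()
```

POST the returned body to the returned URL with the same credentials used for the GET.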


ben_leung
Builder

Have you tried adding "reload" to the endpoint url?

/services/deployment/server/serverclasses//reload

0 Karma
