Installation
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

Why am I getting this 400 Bad Request?

lrs122
New Member
‎01-31-2018 03:21 PM

I've tried about 80 different variations on this payload, but can't get anything to work. The below is probably the most simplistic with nothing but a "*" in the search. All return a 400 Bad Request. I'm sure it's something simple (always is) and I've re-read the documentation a couple times, so hopefully someone here can smack me in the back of the head. This is a Linqpad script, BTW.

void Main()
{
    var data = "search=\"*\"";
    var url = "https://gannett.splunkcloud.com:8089/services/search/jobs";
    var userName = "username";
    var passWord = "password";
    var credentials = Convert.ToBase64String(Encoding.ASCII.GetBytes(userName + ":" + passWord));

    HttpWebRequest webRequest = (HttpWebRequest)HttpWebRequest.Create(url);
    webRequest.ContentType = "text/plain";
    webRequest.Method = "POST";
    webRequest.Headers[HttpRequestHeader.Authorization] = "Basic " + credentials;
    using (var dataStream = webRequest.GetRequestStream())
    {
        var content = Encoding.UTF8.GetBytes(data);
        dataStream.Write(content, 0, content.Length);
    }

    var responseBody = string.Empty;
    try
    {
        IgnoreBadCertificates();
        var webResponse = (HttpWebResponse)webRequest.GetResponse();
        using (var responseStream = webResponse.GetResponseStream())
        {
            var streamReader = new StreamReader(responseStream);
            responseBody = streamReader.ReadToEnd();
            Console.WriteLine(responseBody);
        }
    }
    catch (Exception exception)
    {
        Console.WriteLine(exception.Message);
        Console.WriteLine(responseBody);
    }

}

public static void IgnoreBadCertificates()
{
    System.Net.ServicePointManager.SecurityProtocol = SecurityProtocolType.Tls12;
    System.Net.ServicePointManager.ServerCertificateValidationCallback = new System.Net.Security.RemoteCertificateValidationCallback(AcceptAllCertifications);
} 
private static bool AcceptAllCertifications(object sender, System.Security.Cryptography.X509Certificates.X509Certificate certification, System.Security.Cryptography.X509Certificates.X509Chain chain, System.Net.Security.SslPolicyErrors sslPolicyErrors)
{
    return true;
}
Tags (2)
0 Karma
Reply
Get Updates on the Splunk Community!

Prove Your Splunk Prowess at .conf25—No Prereqs Required!

Your Next Big Security Credential: No Prerequisites Needed We know you’ve got the skills, and now, earning the ...

Splunk Observability Cloud's AI Assistant in Action Series: Observability as Code

This is the sixth post in the Splunk Observability Cloud’s AI Assistant in Action series that digs into how to ...

Splunk Answers Content Calendar, July Edition I

Hello Community! Welcome to another month of Community Content Calendar series! For the month of July, we will ...