All Apps and Add-ons

Rest API Modular Inpu with Basic Auth

Pierzapin
New Member

Hi Damien,

I'm trying to poll the API for a RabbitMQ management console using your REST API Modulaor Input. I have another generic (unauthenticated API) working perfectly with Json data returning perfectly, so install and splunk permissions seem fine. When hitting the RabbitMQ API (using Basic Auth) the splunkd.log reports

2013-11-15 12:21:36,844 DEBUG [52855b00c57f10f45fd7d0] cplogging:55 - [15/Nov/2013:12:21:36] HTTP Traceback (most recent call last): File "/opt/splunkprod1/splunk/lib/python2.7/site-packages/cherrypy/cprequest.py", line 606, in respond cherrypy.response.body = self.handler() File "/opt/splunkprod1/splunk/lib/python2.7/site-packages/cherrypy/cpdispatch.py", line 25, in call return self.callable(*self.args, **self.kwargs) File "/opt/splunkprod1/splunk/lib/python2.7/site-packages/splunk/appserver/mrsparkle/lib/routes.py", line 366, in default return route.target(self, **kw) File "", line 1, in File "/opt/splunkprod1/splunk/lib/python2.7/site-packages/splunk/appserver/mrsparkle/lib/decorators.py", line 38, in rundecs return fn(*a, **kw) File "", line 1, in File "/opt/splunkprod1/splunk/lib/python2.7/site-packages/splunk/appserver/mrsparkle/lib/decorators.py", line 107, in check return fn(self, *a, **kw) File "", line 1, in File "/opt/splunkprod1/splunk/lib/python2.7/site-packages/splunk/appserver/mrsparkle/lib/decorators.py", line 156, in validateip return fn(self, a, *kw) File "", line 1, in File "/opt/splunkprod1/splunk/lib/python2.7/site-packages/splunk/appserver/mrsparkle/lib/decorators.py", line 297, in preformssocheck return fn(self, a, *kw) File "", line 1, in File "/opt/splunkprod1/splunk/lib/python2.7/site-packages/splunk/appserver/mrsparkle/lib/decorators.py", line 348, in checklogin return fn(self, *a, **kw) File "", line 1, in File "/opt/splunkprod1/splunk/lib/python2.7/site-packages/splunk/appserver/mrsparkle/lib/decorators.py", line 369, in handleexceptions return fn(self, a, *kw) File "/opt/splunkprod1/splunk/lib/python2.7/site-packages/splunk/appserver/mrsparkle/controllers/search.py", line 487, in batchControl response = actionMethod() File "/opt/splunkprod1/splunk/lib/python2.7/site-packages/splunk/search/init.py", line 730, in touch return self.execControl('touch') File "/opt/splunkprod1/splunk/lib/python2.7/site-packages/splunk/search/init.py", line 693, in _execControl serverResponse, serverContent = rest.simpleRequest(uri, postargs=postargs, sessionKey=self.sessionKey) File "/opt/splunkprod1/splunk/lib/python2.7/site-packages/splunk/rest/init.py", line 483, in simpleRequest raise splunk.AuthorizationFailed(extendedMessages=uri) AuthorizationFailed: [HTTP 403] Client is not authorized to perform requested action; https://127.0.0.1:8089/services/search/jobs/schedulercGllcnMuY2hhbWJlcmxhaW4searchRMD525bd0fa3f312c2...

Is this something you've seen before? Any Clues?

Thanks

Piers

Tags (1)
0 Karma

Damien_Dallimor
Ultra Champion

Those errors messages have nothing to do with the REST API Modular Input.

REST API Modular Input errors messages would be found with : "index=_internal ExecProcessor error rest.py"

Furthermore , in the config page , if you check the "Index Error Response" option , any HTTP auth errors should get indexed for you to browse.

0 Karma
Get Updates on the Splunk Community!

Index This | I am a number, but when you add ‘G’ to me, I go away. What number am I?

March 2024 Edition Hayyy Splunk Education Enthusiasts and the Eternally Curious!  We’re back with another ...

What’s New in Splunk App for PCI Compliance 5.3.1?

The Splunk App for PCI Compliance allows customers to extend the power of their existing Splunk solution with ...

Extending Observability Content to Splunk Cloud

Register to join us !   In this Extending Observability Content to Splunk Cloud Tech Talk, you'll see how to ...