Hi Damien,
I'm trying to poll the API for a RabbitMQ management console using your REST API Modulaor Input. I have another generic (unauthenticated API) working perfectly with Json data returning perfectly, so install and splunk permissions seem fine. When hitting the RabbitMQ API (using Basic Auth) the splunkd.log reports
2013-11-15 12:21:36,844 DEBUG [52855b00c57f10f45fd7d0] cplogging:55 - [15/Nov/2013:12:21:36] HTTP Traceback (most recent call last): File "/opt/splunkprod1/splunk/lib/python2.7/site-packages/cherrypy/cprequest.py", line 606, in respond cherrypy.response.body = self.handler() File "/opt/splunkprod1/splunk/lib/python2.7/site-packages/cherrypy/cpdispatch.py", line 25, in call return self.callable(*self.args, **self.kwargs) File "/opt/splunkprod1/splunk/lib/python2.7/site-packages/splunk/appserver/mrsparkle/lib/routes.py", line 366, in default return route.target(self, **kw) File "", line 1, in File "/opt/splunkprod1/splunk/lib/python2.7/site-packages/splunk/appserver/mrsparkle/lib/decorators.py", line 38, in rundecs return fn(*a, **kw) File "", line 1, in File "/opt/splunkprod1/splunk/lib/python2.7/site-packages/splunk/appserver/mrsparkle/lib/decorators.py", line 107, in check return fn(self, *a, **kw) File "", line 1, in File "/opt/splunkprod1/splunk/lib/python2.7/site-packages/splunk/appserver/mrsparkle/lib/decorators.py", line 156, in validateip return fn(self, a, *kw) File "", line 1, in File "/opt/splunkprod1/splunk/lib/python2.7/site-packages/splunk/appserver/mrsparkle/lib/decorators.py", line 297, in preformssocheck return fn(self, a, *kw) File "", line 1, in File "/opt/splunkprod1/splunk/lib/python2.7/site-packages/splunk/appserver/mrsparkle/lib/decorators.py", line 348, in checklogin return fn(self, *a, **kw) File "", line 1, in File "/opt/splunkprod1/splunk/lib/python2.7/site-packages/splunk/appserver/mrsparkle/lib/decorators.py", line 369, in handleexceptions return fn(self, a, *kw) File "/opt/splunkprod1/splunk/lib/python2.7/site-packages/splunk/appserver/mrsparkle/controllers/search.py", line 487, in batchControl response = actionMethod() File "/opt/splunkprod1/splunk/lib/python2.7/site-packages/splunk/search/init.py", line 730, in touch return self.execControl('touch') File "/opt/splunkprod1/splunk/lib/python2.7/site-packages/splunk/search/init.py", line 693, in _execControl serverResponse, serverContent = rest.simpleRequest(uri, postargs=postargs, sessionKey=self.sessionKey) File "/opt/splunkprod1/splunk/lib/python2.7/site-packages/splunk/rest/init.py", line 483, in simpleRequest raise splunk.AuthorizationFailed(extendedMessages=uri) AuthorizationFailed: [HTTP 403] Client is not authorized to perform requested action; https://127.0.0.1:8089/services/search/jobs/schedulercGllcnMuY2hhbWJlcmxhaW4searchRMD525bd0fa3f312c2...
Is this something you've seen before? Any Clues?
Thanks
Piers
Those errors messages have nothing to do with the REST API Modular Input.
REST API Modular Input errors messages would be found with : "index=_internal ExecProcessor error rest.py"
Furthermore , in the config page , if you check the "Index Error Response" option , any HTTP auth errors should get indexed for you to browse.