- Splunk Answers
- :
- Using Splunk
- :
- Splunk Dev
- :
- Need help getting basic requests.post to work for ...
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark Topic
- Subscribe to Topic
- Mute Topic
- Printer Friendly Page
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
OK - This is starting to frustrate me.
I first tried the following command:
curl -k http://10.10.XX.XX:8088/services/collector/event -H "Authorization: Splunk my_correct_token" -d '{"event": "does this thing work"}'
and it works correctly and the event is received. Cool!
Then I saw the following blog post on building HTTP Events with Python and while I could get the code to execute without error. I could not get the system to receive the event.
Breaking down the event to its most basic components in Python 2.7 I wrote the following code
import requests
requests.post('http://10.10.XX.XX:8088/services/collector/event', headers={'Authorization': 'Splunk my_correct_token}, data = {"event": "through python -- again - does this thing work"})
print "does this thing work"
And while the code runs without error I am not receiving the events in Splunk.
Any ideas?
Thank you.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Here is my solution to the problem:
#!/usr/bin/python
import requests
import json
url='https://172.16.x.y:8088/services/collector/event'
authHeader = {'Authorization': 'Splunk super_sekrit'}
jsonDict = {"event": "through python -- again - does this thing work"}
r = requests.post(url, headers=authHeader, json=jsonDict, verify=False)
print r.text
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Here is my solution to the problem:
#!/usr/bin/python
import requests
import json
url='https://172.16.x.y:8088/services/collector/event'
authHeader = {'Authorization': 'Splunk super_sekrit'}
jsonDict = {"event": "through python -- again - does this thing work"}
r = requests.post(url, headers=authHeader, json=jsonDict, verify=False)
print r.text
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
But how can you pass this kind of authorization ('Splunk super_sekrit') if I am using the Java Splunk sdk ? I can't set a header over there. so How can I pass over there?
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
This works great. And i like the fact that it separates the components needed. Thank you!
Stay Connected: Your Guide to May Tech Talks, Office Hours, and Webinars!
They're back! Join the SplunkTrust and MVP at .conf24
Enterprise Security Content Update (ESCU) | New Releases
