Problem with REST API

rmorlen · ‎05-23-2012

We have restricted access to Splunk via the REST API. We have created a user where we think we have allowed this capability. Trying the command:

curl -k https://splunkserver:8089/services/auth/login -d username=restuser -d password=password

Get a message that login fails.

The user restuser inherits from the user role and restaccess role.

authorize.conf contains:

[role_restaccess]

importRoles = user

rtSrchJobsQuota = 0

srchIndexesAllowed = *;_*

srchIndexesDefault = *;main

srchJobsQuota = 4

srchMaxTime = 0

rest\_properties\_get = enabled

rest\_apps\_view = enabled

~~~~~~

Any suggestions?

rmorlen · ‎07-20-2012

Yes. The configuration of our environment runs pretty much using Apps. Security is also controlled through an app (including LDAP configuration) with only server specific settings configured locally. We had to coordinate the local settings with the app controlled settings.

ineeman · ‎07-11-2012

rmorlen, were you able to resolve this?

fk319 · ‎05-25-2012

I used a different endpoint, this may be of some help:

servicesNS/admin/$app/auth/login

araitz · ‎05-24-2012

Sorry, I can't reproduce locally or remotely. Are you sure this isn't an issue where you need to quote or escape characters in the password?

Problem with REST API

Announcing Scheduled Export GA for Dashboard Studio

Extending Observability Content to Splunk Cloud

More Control Over Your Monitoring Costs with Archived Metrics GA in US-AWS!