Getting Data In

How do I enable a UF to accept REST API commands?

thisissplunk
Builder

I'm reading through all of the API docs, and I am executing GET API calls against my search head successfully. However, I want to restart the separate universal forwarder and edit inputs.conf via the API but I can't figure out how to enable the REST API on it.nThere are no splunk accounts on it, so what do I need to configure here?

0 Karma
1 Solution

MuS
SplunkTrust
SplunkTrust

Hi thisissplunk,

as soon as you changed the default pwd as already suggested, you will be able to do remote API calls. This is the recommend and most secure approach.

There is however one setting in server.conf that allows remote login without changing the default password

Entering danger zone here do this on your own risk!

You can find the option in this http://docs.splunk.com/Documentation/Splunk/latest/Admin/Serverconf#General_Server_Configuration docs section, it is the allowRemoteLogin option.

Hope this helps ...

cheers, MuS

View solution in original post

MuS
SplunkTrust
SplunkTrust

Hi thisissplunk,

as soon as you changed the default pwd as already suggested, you will be able to do remote API calls. This is the recommend and most secure approach.

There is however one setting in server.conf that allows remote login without changing the default password

Entering danger zone here do this on your own risk!

You can find the option in this http://docs.splunk.com/Documentation/Splunk/latest/Admin/Serverconf#General_Server_Configuration docs section, it is the allowRemoteLogin option.

Hope this helps ...

cheers, MuS

pradeepkumarg
Influencer

what do you get when you hit 8089 port on the server where you have UF installed? https://myserver:8089
If I remember correctly, you have to change the default admin password on the forwarder to execute rest api commands.

0 Karma
Get Updates on the Splunk Community!

What's new in Splunk Cloud Platform 9.1.2312?

Hi Splunky people! We are excited to share the newest updates in Splunk Cloud Platform 9.1.2312! Analysts can ...

What’s New in Splunk Security Essentials 3.8.0?

Splunk Security Essentials (SSE) is an app that can amplify the power of your existing Splunk Cloud Platform, ...

Let’s Get You Certified – Vegas-Style at .conf24

Are you ready to level up your Splunk game? Then, let’s get you certified live at .conf24 – our annual user ...