Hi ,
I am trying to connect Splunk using Java SDK but i am getting Connection Refused Exception.
Map
connectionArgs.put("host", "mydomain.com");
connectionArgs.put("username", "admin");
connectionArgs.put("password", "passxxx");
connectionArgs.put("port", 8089);
connectionArgs.put("scheme", "https");
Service splunkService = Service.connect(connectionArgs);
When I am using the browser with the above url i, e, https://mydomain.com i am able to login with the above credentials but through Java sdk i am not able to connect. I debugged the code, In HttpService.java class the URL is getting constructed as
https://mydomain.com:8089/services/auth/login
I am not getting why the URL is getting constructed like this. Kindly help me out in resolving the issue at the earliest. Thanks
Check the management port number. If it is not 8089 use the same port number in you r code too.
This URL is constructed to hit the splunkd daemon management port (8089, by default) and then the /services/auth/login
endpoint to obtain a session token. See this dev.splunk.com tutorial for more details.
In your case, since you are seeing a "connection refused" message, it appears that either the splunkd daemon is not running, or it has been configured to listen on a port different than 8089. If the latter is true, you'll need to specify that port when constructing the connection instance:
// Create a map of arguments and add login parameters
ServiceArgs loginArgs = new ServiceArgs();
loginArgs.setUsername("admin");
loginArgs.setPassword("changeme");
loginArgs.setHost("localhost");
loginArgs.setPort(8089);
// Create a Service instance and log in with the argument map
Service service = Service.connect(loginArgs);
See this tutorial for reference.
I also get an same error "Connection Refused" when I use the hostname given at the time of Splunk Cloud signup with the port number 8089.
But, if I use cURL or HTTP client app (without using Java SDK), I successfully get the session token only if I prefix "input-" to the hostname. If I don't prefix, I get the same "Connection Refused".
If I use the prefixed hostname in the Java SDK code, I get an error:
"hostname in certificate didn't match: != "
If I use localhost as hostname (without prefix), I get an error:
"hostname in certificate didn't match: != "
All cURL REST API calls to localhost work well.
It is not a port number issue, but a hostname and certificate issue.
Please help us solve this issue. I would like to use Java SDK rather than working on the REST API level.
There might be more setting we have to do on the Service object.
I think you'd be better off finding out what the splunkd management port is by reading it in $SPLUNK_HOME/etc/system/local/web.conf or by issuing the "splunk show splunkd-port" command.
Since i was not sure about the port number,i had put a for loop from 0 to 10000 as shown below, but still getting same issue.This time instead of using domain name i used the ip address itself as below connectionArgs.put("host","165.130.166.206");
connectionArgs.put("username", "admin");connectionArgs.put("password", "passxx");connectionArgs.put("scheme", "https");
for(i=0;i<=10000;i++){try{connectionArgs.put("port",i);
Service splunkService = Service.connect(connectionArgs);
System.out.println("Connected");}catch(Exception e){
System.out.println("could not Connect, The Port No is " + i);}}