Illegal character in url_args

sylvainLuce · ‎02-23-2015

Hi,

In my call in a browser, i send to a REST Url an arg like that :

$filter=Date%20eq%20datetime%272015-02-19T00:00:00%27

When I try to add the REST Call with the REST API Modular Input, it's the hell !
I have always an error like :

http_error_code = 400 error_message = {"error":{"code":"","message":{"lang":"en-US","value":"Syntax error: character '\\' is not valid at position 16 in 'Date eq datetime\\\"2015-02-22T00:00\\\"'."}}}

I try a lot of think like :

$filter=Date eq datetime\"2015-02-22T00:00\"

$filter=Date eq datetime"2015-02-22T00:00"

$filter=Date eq datetime'2015-02-22T00:00'

in the inputs.conf or in the web interface but without success 😞

Any ideas ?
Thanks !
Sylvain

cpetterborg · ‎03-06-2015

Your browser is using a GET method when you put it in the URL. You need to provide a URL-ized string. Here is what you get when you make it URL-happy:

$ php
<?php
echo urlencode("filter=Date%20eq%20datetime%272015-02-19T00:00:00%27");
?>
filter%3DDate%2520eq%2520datetime%25272015-02-19T00%3A00%3A00%2527

I'm just guessing here, but I suspect you want to do something like:

http://machinename/API$filter%3DDate%2520eq%2520datetime%25272015-02-19T00%3A00%3A00%2527

Damien_Dallimor · ‎02-23-2015

In my call in a browser, i send to a REST Url an arg like that
$filter=Date%20eq%20datetime%272015-02-19T00:00:00%27

Can you be more accurate.....

What is the full HTTP REST URL in unencoded form that is expected to be sent ?

Any links to documentation for the particular REST API ?

sylvainLuce · ‎03-06-2015

Hi,

the Rest API is in ODATA2 format.

Finally, I don't use the URL arg and put all the url in the Endpoint URL with a token to generate yesterday time.
It work 🙂

Thks

Illegal character in url_args

Archived Metrics Now Available for APAC and EMEA realms

Detecting Remote Code Executions With the Splunk Threat Research Team

Enter the Dashboard Challenge and Watch the .conf24 Global Broadcast!