After running:
| curl method=post uri=https://localhost:8089/ splunkauth=true
I'm receiving an error, a check of the python.log shows me:
2019-04-05 03:17:21,946 +0000 ERROR curl:287 - bad operand type for unary +: 'str'. Traceback: Traceback (most recent call last):
File "/opt/splunk/etc/apps/TA-webtools/bin/curl.py", line 123, in execute
+ "\texample: curl method=get verifyssl=true uri=https://localhost:8089 " \
TypeError: bad operand type for unary +: 'str'
I found line 86 was an issue, along with line 58, I added the if headers == None
line as the below to force the headers to not be None
86 if headers == None:
87 headers = {}
88 headers["Authorization"] = 'Splunk %s' % sessionKey
if they were not set, otherwise the curl command just doesn't work!
Otherwise great application, thanks for creating it!
Thanks for posting the solution @gjanders!
I got a little ahead of myself on the last release and didnt test the non-splunk auth methods of the curl SPL command.
Version 1.2.3 works fine if you use splunkauth because that fork in the code doesnt have the bug. The solution for now is to edit /bin/curl.py and add headers={}
before the authorization header is added headers["Authorization"] = 'Splunk %s' % sessionKey
as shown below:
headers={}
headers["Authorization"] = 'Splunk %s' % sessionKey
Be mindful of your indentation if you decide to patch curl.py yourself. This bug appears in the definitions/functions named get(), head() post() and delete() near the top of curl.py.
I'll release a new patch soon.
I am using this app https://splunkbase.splunk.com/app/4146
The curl command is not picking up method=POST and always returning error 405 and
{"error":{"detail":"GET method not supported for API","message":"Method not Supported"},"status":"failure"}
I used this command
| eval header="{\"Content-Type\":\"application/json\", \"Accept\":\"application/json\"}"
| curl method=post uri= user= pass= headerfield= header
Now I am not sure how to make a POST call to an external API from Splunk search. Every time it is being detected as GET.
Please create a new question for this if you need help
thank you. I created one https://answers.splunk.com/answers/751835/index.html
Testing the splunk add on for service-now app..
it is working
Thanks for posting the solution @gjanders!
I got a little ahead of myself on the last release and didnt test the non-splunk auth methods of the curl SPL command.
Version 1.2.3 works fine if you use splunkauth because that fork in the code doesnt have the bug. The solution for now is to edit /bin/curl.py and add headers={}
before the authorization header is added headers["Authorization"] = 'Splunk %s' % sessionKey
as shown below:
headers={}
headers["Authorization"] = 'Splunk %s' % sessionKey
Be mindful of your indentation if you decide to patch curl.py yourself. This bug appears in the definitions/functions named get(), head() post() and delete() near the top of curl.py.
I'll release a new patch soon.