- Splunk Answers
- :
- Using Splunk
- :
- Splunk Dev
- :
- Re: Unable to reference .splunkrc file from Splunk...
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark Topic
- Subscribe to Topic
- Mute Topic
- Printer Friendly Page
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Unable to reference .splunkrc file from Splunk Python SDK
I created the .splunkrc file and correctly stored it in C:\Users\username.splunkrc
I filled it out with correct credentials.
1) I am trying to access KV store (the credentials work when I enter via cmd line but not when using .splunkrc😞
opts = parse(sys.argv[1:], {}, ".splunkrc")
opts.kwargs["owner"] = "nobody"
opts.kwargs["app"] = "search"
service = client.connect(**opts.kwargs)
I get this error: socket.error: [Errno 10061] No connection could be made because the target machine actively refused it
2) How do I use the .splunkrc for a regular search query connect? I am currently doing this (hardcoded data):
# Create a Service instance and log in
service = client.connect(
host=HOST,
port=PORT,
username=USERNAME,
password=PASSWORD)
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Create a file called ".splunkrc" with the following in your $HOME directory:
host=localhost
port=8089
username=restclient
password=splunkC0der
Then, run the following as your splunk user:
splunk add user restclient -password "splunkC0der" -full-name 'REST client' -role admin
Finally, you should be able to create the following login.py file:
import splunklib.client as client
import sys
if len(sys.argv) != 5:
print "Syntax: login.py username password hostname port"
sys.exit()
uid = sys.argv[1];
pwd = sys.argv[2];
host = sys.argv[3];
port = sys.argv[4];
try:
service = client.connect(host=host, port=port, username=uid, password=pwd)
print
print 'Authenticated, token = [%s]' % service.token
print
service.logout()
except Exception, err:
sys.stderr.write('\nError: %s\n\n' % str(err))
and run it successfully:
python login.py
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi jwalthour,
I'm new here and found your response here in community (even when far in the past) as I have same issue that .splunkrc file is not recognized.
My understanding was, that if I have this file correctly setup and stored, I do not need to enter any login data
to any Python script at all.
But if I understood your Python example correctly, it ask actively to enter credentials and host/port
when I execute login.py
Stay Connected: Your Guide to May Tech Talks, Office Hours, and Webinars!
They're back! Join the SplunkTrust and MVP at .conf24
Enterprise Security Content Update (ESCU) | New Releases
