Re: Unable to search using REST API

vinitchaudhari1 · ‎02-17-2019

Hi I have a cloud instance version 7.0.2.1 https://prd-p-df4vmzb62ds7.cloud.splunk.com. I am trying to use REST API to run search but I am always getting Page Not Found error. I gave correct username/password. I tried running simple POST call using endpoint utr https://prd-p-df4vmzb62ds7.cloud.splunk.com/services/auth/login but it is not working. If anyone has used REST API then can you please help? I also have local version 5.x but it is not enterprise. Is REST API supported only in enterprise version?

seegeekrun · ‎02-20-2019

In Postman or Soap UI, you'll want to make sure that Authorization (Basic Auth) is set and the credentials are added.

Postman - Authorization
https://learning.getpostman.com/docs/postman/sending_api_requests/authorization/
Soap UI - How to Authenticate
https://www.soapui.org/soap-and-wsdl/authenticating-soap-requests.html

seegeekrun · ‎02-19-2019

Are you using port 8089?
https://your-instance.com:8089/services/admin...

The UI runs on port 8000 and is typically forwarded from 443. But the API Endpoints are over 8089, which is also the management port.

vinitchaudhari1 · ‎02-19-2019

Thanks Seegeekrun for the response. I am using 8089. I just found out that it works with curl but not with Postman or SOAP UI. Is there a way to use Postman or SOAP UI for Splunk REST API?

Unable to search using REST API

Stay Connected: Your Guide to May Tech Talks, Office Hours, and Webinars!

They're back! Join the SplunkTrust and MVP at .conf24

Enterprise Security Content Update (ESCU) | New Releases