Sessionkey = minidom.parseString(servercontent).getElementsByTagName('sessionKey').childNodes. Instead, use export to stream it all over the wire. between the Splunk Server and the cloud API, that was doing SSL Inspection on the connection when it wasnt meant to be. The answer to the question is, therefore, not to use the /jobs/search endpoint to create a search job and then later go fetch the results. Here is the change I made to the python script: rc RestClient + url, apikeyapikey,apisecretapisecret, verifyTrue) ß- CHANGE TO verifyFalse. Servercontent = myhttp.request(baseurl + '/services/auth/login', 'POST', It allows the use of basic REST calls to the custom API and support scripts in Python. It seems that the export API endpoint streams results instead of saving them and so allows you to have much larger result sets. A sample implementation in Python to get a session key with the ‘/services/auth/login’ REST endpoint is as follow: import urllib Use the POST method and include the username and password in the HTTP request body. Use this REST endpoint ‘/services/auth/login’ to obtain a session key before you proceed to create a search job in Step 2. With the Splunk Enterprise SDK for Python you can write Python applications to programmatically interact with the Splunk platform.
There are basically 4 simple steps to create a search job and retrieve the search results with Splunk’s REST API and they are:
Right now Im simply passing it a query, but when I try to pass time, it just ignores the range and sends me all the data for the last few months of data.
#SPLUNK API PYTHON HOW TO#
I am going to demonstrate how to create a search job and retrieve the search results with Splunk’s REST API using your preferred programming language (I am using Python in this article). So I am using the Splunk SDK with Python 3.7.x (splunklib) and am trying to figure out how to ask for data in a certain time range. If you are feeling adventurous and have a burning desire to try out Splunk’s REST API, look no further, this article demonstrates the first few basic steps to get you started. Make sure you are reading the documentation for accessing this API very closely - just about every single API I have dealt with requires some minor tweak to my code.
0 kommentar(er)
