**Step 1:** I have to use "PUT" to login to my system and obtain a login token. Webtools curl command only supports GET, POST and DELETE as stated in the documentation. When I choose **method=put** I don't get any errors in Splunk, will it work as intended?
I need to authenticate via "userid" and "value" instead of user and password. I tried to put this information in the datafield like this, but it didn't work:
> | makeresults count=1> | eval data="{\"userid\":\"ApiUser\",\"value\":\"password\"}"> | curl method=put uri=https://x.x.x.x:32102/rest/openapi/sm/session> | table curl*
The developer @jkat54 suggested that the Huawei system might want the username and password as parameters and I might have to urlencode them so I tried these:
> uri=https://x.x.x.x:32102/rest/openapi/sm/session/?userid=ApiUser&value=password> uri=https://x.x.x.x:32102/rest/openapi/sm/session/%3Fuserid%3DApiUser%26value%3Dpassword> uri=https://x.x.x.x:32102/rest/openapi/sm/session/?userid%3DApiUser&value%3Dpassword> uri=https://x.x.x.x:32102/rest/openapi/sm/session/%3Fuserid=ApiUser%26value=password> I also tried uri=.../?xxx and uri=...?xxx
When I use **Splunk and any variation of the curl command listed above** the logs on the Huawei system show "*Open API request from third system, URL: /rest/openapi/sm/session, error message: Authentication failed.*" and it shows username as "*Invalid User*".
If I **connect to the API via another method** the login succeeds. Whenever I input a wrong password or username, the chosen username will be displayed in the logs and the error message is "*Failure reason: The user name does not match the password or the account does not exist.*"
**Therefore it's not a wrong username or password error when using the curl command.**
**Step 2:** After I obtain a session token with the above search (assuming it's working), I can use this token to query the API via executing additional curl commands. How would I do that in a Splunk search?
This is an excerpt from the documentation of the systems API to gain an access token:
/*
* Log in Example
*/
public class Login
{
public static void main(String[] args) throws Exception
{
login();
}
public static void login() throws Exception
{
//set the URL and method
final String openidURL = "/rest/openapi/sm/session";
final String method = "PUT";
//set parameters
final List parameters = new ArrayList();
parameters.add(new BasicNameValuePair("userid", GlobalVar.GLOBAL_USERNAME));
parameters.add(new BasicNameValuePair("value", GlobalVar.GLOBAL_USERVALUE));
parameters.add(new BasicNameValuePair("ipaddr", GlobalVar.GLOBAL_USERIP));
//send the request
final HttpResponse response = NewHttpsAccess.access(GlobalVar.GLOBAL_IP,
GlobalVar.GLOBAL_PORT,
openidURL,
method,
null,
parameters);
//get the result
final String ret = NewHttpsAccess.getResult(response);
System.out.println(ret);
//resolve the result and get the openid
final JSONObject jObject = JSONObject.fromObject(ret);
if (null == jObject)
{
System.out.println("Login failed.");
return;
}
if ("0".equals(String.valueOf(jObject.get("code"))))
{
final String openid = String.valueOf(jObject.get("data"));
GlobalVar.globalOpenid = openid;
}
}
}
↧