Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

bearerToken vs. splunkToken #33

Open
UnitedMarsupials opened this issue Dec 15, 2022 · 2 comments
Open

bearerToken vs. splunkToken #33

UnitedMarsupials opened this issue Dec 15, 2022 · 2 comments

Comments

@UnitedMarsupials
Copy link

The resolution of splunk/splunk-sdk-python#388 advises using the verb bearerToken to use the token-based authentication instead of the username/password credentials.

Both the python/README.md and the python/.env show the same verb -- although the line is commented-out in both examples. Unfortunately, trying to use it results in an error:

Traceback (most recent call last):
  File "submit.py", line 82, in <module>
    main(sys.argv[1:])
  File "submit.py", line 43, in main
    opts = parse(argv, RULES, ".env", usage=usage)
  File "/home/xx/splunk-app-examples/python/utils.py", line 226, in parse
    parser_.loadenv(config)
  File "/home/xx/splunk-app-examples/python/utils.py", line 172, in loadenv
    self.loadif(filepath)
  File "/home/xx/splunk-app-examples/python/utils.py", line 166, in loadif
    self.load(filepath)
  File "/home/xx/splunk-app-examples/python/utils.py", line 159, in load
    raise NameError("No such option --" + key)
NameError: No such option --bearerToken

Closer examination of the python/utils.py reveals, that the expected verb is splunkToken! At this time, the documented spelling should, probably, be added as an alias -- if possible -- to avoid breaking things for people already using the incorrect verb...
@akaila-splunk
Copy link
Contributor

@UnitedMarsupials, Sorry for the delay in response, To connect with splunk using .env file you can use splunkToken key for bearer-token and token key for session-key. In the future release we'll update the sample .env files to avoid any confusion.
Please let us know if you still face any issue after updating key name to splunkToken.

@UnitedMarsupials
Copy link
Author

UnitedMarsupials commented Feb 2, 2023
edited
Loading

@akaila-splunk, putting splunkToken into .env does not work. The way to use the Splunk token currently is by using the token verb on the left side, and the string consisting of the word "Splunk" followed by a space, and then -- the hexadecimal token itself:

host=splunk-hec
port=8088
token=Splunk xxxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxx

Unfortunately, even after the successful authentication, things don't really work -- because the client tries to get details about the index (even if it does not need any such details), which a Splunk-token is not authorized to do. The #34 discusses this problem in detail...

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@UnitedMarsupials @akaila-splunk