سؤال
I'm trying to use Splunk's python SDK (http://docs.splunk.com/Documentation/PythonSDK) to connect to my Splunk server, but I am getting a ParseError.
https://stackoverflow.com/questions/16349806
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
Russian>>> pip install splunk-sdk
>>> import splunklib.binding as binding
>>> cargs = {}
>>> cargs['host'] = 'splunk.mydomain.com'
>>> cargs['scheme'] = 'https'
>>> cargs['port'] = 443
>>> cargs['username'] = 'my_username'
>>> cargs['password'] = 'my_password'
>>> c = binding.connect(**cargs)
Traceback (most recent call last):
File "<stdin>", line 1, in <module>
File "/myframework/lib/python2.7/site-packages/splunklib/binding.py", line 867, in connect
c.login()
File "/myframework/lib/python2.7/site-packages/splunklib/binding.py", line 753, in login
session = XML(body).findtext("./sessionKey")
File "/Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/xml/etree/ElementTree.py", line 1302, in XML
return parser.close()
File "/Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/xml/etree/ElementTree.py", line 1655, in close
self._raiseerror(v)
File "/Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/xml/etree/ElementTree.py", line 1507, in _raiseerror
raise err
xml.etree.ElementTree.ParseError: no element found: line 1, column 0
So whatever page is getting returned to connect() doesn't have the expected "./sessionKey"text. All of the examples I've seen use "localhost" for the host, so I'm not sure if there's a problem with the fact of this external host. I wish I could get my hands on the returned page.
This host is on my corporate net, so there should not be an access problem.
Something is getting returned; I tested this by leaving out the port, which got me:
error: [Errno 60] Operation timed out
So, what am I doing wrong here?
المحلول
It looks like you are using the wrong port. By default, Splunk's management port is 8089. Unless you have changed that, you should be using 8089 and not 443.
Another way to confirm the URL and the credentials is to test it via cURL from the command line on the same machine where you are trying the SDK:
curl -k https://splunk.mydomain.com:8089/services/auth/login -d username=my_username -d password=my_password
