Skip to main content

Posts

Showing posts from May, 2020

Query Splunk, the easy way, with plain old JavaScript

Sometimes you just need the basics. This post walks you through the simplest, quickest way to query data from Splunk, using plain old JavaScript. There's no 3rd party plug-ins or SDK required and no opinionated frameworks to deal with.  You will need: A splunk instance (get yours here if you don't have one) An authorisation token Node.JS and npm installed If you don't have an auth token, request one from your Administrator. If you are an admin, just create a token using the following cURL command in Terminal (replace <HOST> with your host instance). Change the +300d if you want to adjust the time before the token expires.  curl -k -u UID:PWD -X POST https://<HOST>:8089/services/authorization/tokens?output_mode=json --data name=admin --data audience=Managers --data-urlencode expires_on=+300d  for example, if your userid was Susan, your password was Wibble! and your Splunk instance was running on acme.com, then you would enter curl -k -...