-
Issue with Obtaining JSON Access Token Using API Key in Cribl
Hi, I'm working on code that uses an API key to access my data in Cribl. I started by creating API credentials (client_id and client_secret) and built a simple script to obtain an access token, which I plan to use for querying logs. Here’s the code I wrote: import requests client_id = 'XXX' client_secret = 'XXX' auth_url =…
-
Cannot POST /api/v1/search/jobs
In both the API Reference (with authenticated session) and via Python, I started running into an issue with submitting queries to the POST /search/jobs API to submit a remote query to Cribl Search. Despite the fact that it's a POST endpoint, and I'm using the headers generated by the API Reference, I receive the following…
-
Job progress stuck after few mins,
Hi All, i am facing an issue in Cribl data script, Actually the job is completed based on the logs, but it stuck saying 2 tasks inflight, We are using script option to pull the data, We have handled all the scenarios to prevent the issues, but after sometime, the job is getting stuck, As we can see in the above screenshot,…
-
Using "Webhook" Destination: Can we transform events to be used as HTTP requests?
Using "Webhook" Destination: Can we transform events to be used as HTTP requests?Background - we are trying to send alerts from the Cribl Internal (Logs) source. We use a pipeline to reduce these events down to only Cribl errors and any Cribl Internal Logs that we care about. However, we need a way to send this data in the…
-
Is there a way to use the API to `PATCH` a lookup table in a pack?
Hey - is there a way to use the API to PATCH a lookup table in a pack?
-
Has anyone here used API calls to perform Health Checks from a F5 VIP to the Worker Nodes?
Hello.Has anyone here used API calls to perform Health Checks from a F5 VIP to the Worker Nodes? From the following link… https://docs.cribl.io/stream/usecase-syslog/It mentions to do the following… If UDP data is being sent, the load balancer has no way to automatically detect whether the destination is up. Configure the…
-
Dynamic Date in API URL
I am finally getting around to converting some of my crontabs to Cribl Stream API sources. I am looking to have a dynamic date/time variable in the URL. The date would need to be the date from yesterday. Example: Today's Date/Time: 2023-08-11T08:00:00.00Z Needed Date/Time: 2023-08-10T08:00:00.00Z Using %3C to do before…
-
404 Error when querying the API
I am running a distributed environment, and when I use the API Reference to query an endpoint it returns Status Code 404. How can I resolve this?
-
CrowdStrike API
I was previously using SPLUNK to get data via a SPLUNK add-on that used an API query to pull down detections from the CrowdStrike platform. We are moving away from SPLUNK and trying to use CRIBL to get CrowdStrike data. CrowdStrike have a SIEM connector but this requires additional infrastructure and I am trying to see if…
-
How do I programmatically (via API) export then merge a Pack from one worker group to another?
I want to use the API to export a Pack from one worker group and merge it to another. How do I do that?
