At the moment I am busy working on something that requires input from a Splunk alert.
However, I am having trouble in discovering what the JSON output for the alert might be. I was wondering if anyone knows a way to predict JSON output accurately.
I know the specifics of the event that gives the alert and, of course, the details for the alert itself.
I am not allowed to share, unfortunately. I have a webhook, but it's not online yet, only reachable from localhost, because security has not been fitted appropriately yet. That's why I can't simply send an alert to test it.
Instead I want to send a curl with 'example' JSON output, but because there needs to be some decryption on that sample output, I would like for it to be quite accurate instead of simply taking a wild guess at it.
Is there anybody who can tell me how to predict the JSON payload?
No need to guess the JSON payload, Splunk publishes the structure of the JSON messages made from webhook alert actions.
See https://docs.splunk.com/Documentation/Splunk/8.0.5/Alert/Webhooks
Example:
{
"result": {
"sourcetype" : "mongod",
"count" : "8"
},
"sid" : "scheduler_admin_search_W2_at_14232356_132",
"results_link" : "http://web.example.local:8000/app/search/#go?sid=scheduler_admin_search_W2_at_14232356_132",
"search_name" : null,
"owner" : "admin",
"app" : "search"
}
If this fixes your problem, take a moment to accept the answer. This can be done by clicking on the check mark beside the answer to toggle it from greyed out to filled in!
Related
I am using IFTTT.com and on their webhooks page it says
With an optional JSON body of:
{ "value1" : "", "value2" : "", "value3" : "" }
This works fine when I use curl.. however, for my application I can only call a single url. Does anyone know if this is possible in the format like;
https://maker.ifttt.com/trigger/<keyword>/with/key/<key>/value1=blah&value2=blah
I hope this helps.
I wanted to send 3 values via a single url and this is what worked for me.
https://maker.ifttt.com/trigger/My_web_hook/with/key/My_Key?value1=11&value2=13&value3=17
Post JSON data to IFTTT in single url
I hope this helps.
I wanted to send 3 values via a single url and this is what worked for me.
https://maker.ifttt.com/trigger/My_web_hook/with/key/My_Key?value1=11&value2=13&value3=17
My key was followed by a "?", (you have a "/") and then the values. The data 11,13,17 was received by my "webhook" and passed onto me in an email. This is what I wanted to happen.
This perhaps?
https://maker.ifttt.com/trigger//with/key/?value1=blah&value2=blah
I found help in another page here on Stack Overflow but unable to upvote yet. Look for "How to pass data to IFTTT WebHook?"
So as a part of a new job I am being trained on SOAP ui, and I am having a bit of an issue. I am connecting to an existing service and getting an order from said service and then testing some assertions on it.
I have reached a problem though. The response coming from the service is in JSON format, but my SOAP UI seems to believe it is in XML format. So it puts the entire message, uncoverted from JSON, into the XML tab and the JSON tab says this response can't be viewed in JSON.
So to be clear when I look at my XML tab I see something like this (this is all fake data so no private health information is being leaked)
<data contentType="text/plain; charset=utf-8" contentLength="8690">< [CDATA[{
"OrderResponse": {
"OrderId": 3918208,
"Source": "",
"AccountNumber": "JJ357",
"ReferringPhysician": "",
and so on. So my SOAP UI can't read it and I can't seem to be able to make my program figure out that this is the JSON and it needs to be converted to XML.
I know the problem is on my side. This is working code that they have tested and works with their current testing suites. So I have done something break my SOAP, and I honestly have no idea what. I have mentioned this to them, but would like to be able to have a solution by the time they get back to me, so as not to seem like I'm going to need to have my hand held every step.
If anyone can help that would be great.
Edit: So upon further investigation it looks like the problem is that it is a JSON message in an XML envelope making it unreadable as either to SOAPUI. Using groovy script the message can't be parsed by JSONslurper or XMLparser, so if anyone happens to have dealt with this before that would be amazing.
I have found very little detail about best practices when responding to PUT or POST commands with a REST API.
Assume the example is that the API is for a list of movies in a movie store and has the following:
GET api/Movies
GET api/Movies/{id}
PUT api/Movies/
PUT api/Movies/{id}
POST api/Movies/
POST api/Movies/{id}
Where you can PUT or POST either single or collections. I included both because I do not want to get into a discussion about PUT vs. POST, and would like an answer on best practices, particularly in response to errors.
If working on a single item I can return HTTP status codes and a response easily, but what should be done when handling POST and PUT of collections, especially in a non-idempotent method?
My thought for returning a package would be as follows:
{
"version": "1.0"
"status": 200,
"errors": [
// List of object id's, and errors
]
"data": [
// List of movies POSTed or PUT
]
}
With the errors being generated for each specific ID that failed, but I'm not sure it passes the smell test in regards to overall status and HttpStatus. Should I return another status if a portion of the collection fails or a single entity fails?
Generally in REST a operation needs to completely succeed or completely fail. Operations like this should be atomic and idempotent.
So what you're asking is simply outside of what REST can do for you. From the horse's mouth:
"If you find yourself in need of a batch operation, then most likely you just haven’t defined enough resources."
http://roy.gbiv.com/untangled/2008/rest-apis-must-be-hypertext-driven#comment-743
So what does that quote mean? It doesn't mean that you can't have a resource representing the same data as several other resources (e.g.: your collection), but if you are using PUT to update it, you are still 100% replacing its contents. Not partially.
I'm making the following request against the Microsoft Live API:
GET https://apis.live.net/v5.0/me/picture?access_token=ACCESS_TOKEN
The result, unlike any other request to that API, is a redirect to a physical image location, which causes the actual image object to be returned instead of a typical JSON response that would include the path to that image.
I could dig into the the response object and try to get the Content-Location header or something to get the URL I'm looking for, but that feels very brittle and diverges from the way I'm handling every other API response.
I also know that the API URL itself, based on this behavior, can act as the image URL, but 1) I'm using a client that constructs that URL behind the scenes and 2) I don't want to persist the access token in something like a profile picture column.
The Interactive Live SDK actually shows a JSON object as the return for a REST request:
{
"location": "https://cid-0000000000000000.users.storage.live.com/users/0x0000000000000000/myprofile/expressionprofile/profilephoto:UserTileStatic"
}
That is the kind of response I want, and since the interactive SDK can show it, there's got to be some way to request that JSON be returned. I've tried setting redirect=false in the query string (necessary for Facebook, which does something similar) and setting the Accept request header to application/json. Neither had any effect.
This is not truly an answer to my question, so I'd still be interested any responses along the lines of my original question. However, I have found a workaround of sorts.
The URL https://apis.live.net/v5.0/{user_id}/picture will return the appropriate photo photo without requiring an access token. Therefore, all you need is the the user's id to construct this URL, and that can be obtained via:
GET apis.live.net/v5.0/me?access_token=ACCESS_TOKEN
Which will return something akin to:
{
"id": "0000000000000000",
"name": "John Doe",
"first_name": "John",
"last_name": "Doe",
"gender": null,
"locale": "en_US"
}
The id member there, is what you need for the URL. It's not ideal, because I have to sort of do two steps, and hope Microsoft doesn't change the way the profile picture for a specific user is retrieved or suddenly starts requiring an access token for that too. It's better than nothing, though, I suppose.
Adding ?suppress_redirects=true should do it.
i.e.
GET https://apis.live.net/v5.0/me/picture?access_token=ACCESS_TOKEN&suppress_redirects=true
I actually haven't tested this with /me/picture, but {user_id}/picture has the same behavior and adding suppress_redirects=true did the trick.
I am writing a RESTful api using WCF Web Api Preview 6. I've just spent most of the day figuring out that it doesn't like "prettified" Json! I have a method which produces "human readable" Json, ie - it spreads the text over multiple lines to make it look nice ...
{
"fieldname": "value"
}
I eventually track down a strange problem I was having to the fact that I had pretty Json. If I changed it to this ...
{ "fieldname": "value" }
... it worked perfectly.
BUT, if I pasted the first example into the test client then it worked perfectly. Since it worked I dismissed that as being the cause very early on in my investigations. But, I came back around to it after having eliminated every other possibility.
The error I was getting was a bit misleading ...
System.InvalidOperationException: The service operation 'Post'
expected a value assignable to type 'MyType' for input parameter
'resource' but received a value of type 'HttpRequestMessage`1'.
So, my question is. Does the test client do something to the body of the request to make it work with the built-in serializer?