Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

DXE-2673 [BUG] 400 Error - SIEM API Python Example #68

Open
estelae opened this issue May 12, 2023 · 1 comment
Open

DXE-2673 [BUG] 400 Error - SIEM API Python Example #68

estelae opened this issue May 12, 2023 · 1 comment
Labels
bug STG to confirm

Comments

@estelae
Copy link

estelae commented May 12, 2023

Describe the bug
SIEM API (https://techdocs.akamai.com/siem-integration/reference/get-configid) has a recipe called Fetch security event in time-based mode | Python that uses this library. It does not work and returns an error.

To Reproduce
Steps to reproduce the behavior:

import requests
from akamai.edgegrid import EdgeGridAuth, EdgeRc
from urllib.parse import urljoin

edgerc = EdgeRc('~/.edgerc.txt')
section = 'default'
baseurl = 'https://%s' % edgerc.get(section, 'host')

session = requests.Session()
session.auth = EdgeGridAuth.from_edgerc(edgerc, section)

configId = "12345"

path = "https://hostname/siem/v1/configs/{}".format(configId)

headers = {
    "Accept": "application/json"}

querystring = {
    "from": "1488816442",
    "to": "1488816784",
    "limit": 1000
}

result = session.get(urljoin(baseurl, path),
                     headers=headers, params=querystring)
print(result.status_code)
print(result.json())

Expected behavior
For the documentation example to work.

Actual behavior
It outputs this error.

{
'type': 'https://problems.cloudsecurity.akamaiapis.net/siem/v1/missing-parameters',
'title': 'Missing mandatory parameter(s) or illegal parameter parameter(s) in the request',
'instance': 'https://{host}/siem/v1/configs/{configid}?from={from}',
'detail': 'Missing mandatory parameter(s) or illegal parameter parameter(s) in the request',
'method': 'GET'
...
}

Judging from the instance above, it appears that only the first query parameter is being recognized. If the & character is encoded to %26 in the signature generation then the instance variable changes to 'instance': 'https://{host}/siem/v1/configs/{configid}?from={from}&to={to}&limit={limit}', but gives a 401 error for the signature not matching. If the & character is encoded to %26 in the request and signature, then it returns a 400 error for missing parameters.
@dstopka
Copy link

dstopka commented May 19, 2023

Hi @estelae,

Thank you for opening an issue. I'll be investigating it and I'll get back to you once I learn more about it.

Kind regards,
Darek

@dstopka dstopka mentioned this issue May 24, 2023
Open
@dstopka dstopka changed the title [BUG] 400 Error - SIEM API Python Example DXE-2672 [BUG] 400 Error - SIEM API Python Example May 24, 2023
@dstopka dstopka changed the title DXE-2672 [BUG] 400 Error - SIEM API Python Example DXE-2673 [BUG] 400 Error - SIEM API Python Example May 24, 2023
@aka-mark aka-mark added the STG label Nov 9, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug STG to confirm
Milestone
No milestone
Development

No branches or pull requests
3 participants
@dstopka @aka-mark @estelae