DEVHIDE
Login Or Sign up

What token do I use to authenticate to Azure's Log Analytic Workspace?

106 Views Asked by At

I'm writing a simple script to interact with the log analytic workspace to get information pertaining to configurations. However I'm having issues with authentication. I keep getting a 401 error.

I'm not using vscode.

This is the code that I reach out to the oath url I think the api gateway and then within the header the access token is then applied to the second url and it authenticates, however this isn't the API endpoints for log analytic workspace. The law seems to be the URL w/ the management and when I try that url on the second attempt it fails. So I don't think it's the correct way for the api to manage azure resource?

import requests
import base64

#*****[API TOKEN]*****
pat='token'

#*****[Encode Token w/ Header Attribute]*****
auth = str(base64.b64encode(bytes(':'+pat, 'ascii')), 'ascii')

#*****[Create Headers]*****
headers = {
    'Accept': 'application/json',
    'Authorization': 'Bearer '+auth}

#*****[Response]*****
response = requests.get(url="https://management.azure.com/subscriptions/******/resourcegroups/****/providers/Microsoft.OperationalInsights/workspaces/log-analytic-workspace?api-version=2022-10-01", headers=headers)

#*****[Append Header Response]*****
#print (response.headers)
print (response.status_code)

I tried manipulating the Authorization parameter, but I think that's fine as it's found within the documentation. I thought i had to make an initial connection to the azure api endpoint (api gateway) and within the response in the head the access token would be found and I would use that access token for the header parameter this also failed with error 401.

I think the access token i have is incorrect, I'm using the access token that came with the service principal i created added the service principal to a group and applied the group to the log analytic workspace and I'm still unable to authenticate.

I think the issue I'm having finding out what token/access token would I need to authenticate.

I have global admin access.

import requests
import base64

#*****[API TOKEN]*****
#pat = 'token'
pat = 'tok'

#*****[Encode Token w/ Header Attribute]*****
authorization = str(base64.b64encode(bytes(':'+pat, 'ascii')), 'ascii')

#*****[Create Headers]*****
headers = {
    'Accept': 'application/json',
    'Authorization': 'Basic '+authorization}

#*****[Create List]*****
head=[]

#*****[Response]*****
response = requests.get(url="https://login.live.com/oauth20_desktop.srf", headers=headers)

#*****[Append Header Response]*****
head.append(response.headers)
#print (response.headers)
print (response.status_code)

#*****[Extract Header Response]*****
cachecontrol = ((response.headers['Cache-Control']))
pragma = ((response.headers['Pragma']))
contenttype = ((response.headers['Content-Type']))
expires = ((response.headers['Expires']))
p3p = ((response.headers['P3P']))
refpol = ((response.headers['Referrer-Policy']))
routeinfo = ((response.headers['x-ms-route-info']))
xmsid = ((response.headers['x-ms-request-id']))
ppserver = ((response.headers['PPServer']))
xcon = ((response.headers['X-Content-Type-Options']))
trans = ((response.headers['Strict-Transport-Security']))
xss = ((response.headers['X-XSS-Protection']))
date = ((response.headers['Date']))
conlength = ((response.headers['Content-Length']))

#*****[Print Header Response]*****
print('_________________________________')
#print('Cached Control: ' + str(cachecontrol))
#print('Pragma: ' + str(pragma))
#print('Content-Type: ' + str(contenttype))
print('Expiration: ' + str(expires))
#print('P3P: ' + str(p3p))
#print('Referrer Policy: ' + str(refpol)) 
#print('x-ms-route-info: ' + str(routeinfo)) 
print('x-ms-request-id: ' + str(xmsid))
#print('PPServer: ' + str(ppserver)) 
#print('X-Content-Type-Options: ' + str(xcon)) 
#print('Strict-Transport-Security: ' + str(trans)) 
#print('X-XSS-Protection: ' + str(xss)) 
#print('Date: ' + str(date)) 
#print('Content-Length: ' + str(conlength)) 


#*****[Encode Token w/ Header Attribute]*****
auth = str(base64.b64encode(bytes(':'+xmsid, 'ascii')), 'ascii')
print(xmsid)
print(auth)
#*****[Create Headers]*****
header2 = {
    'Accept': 'application/json',
    'Authorization': 'Bearer '+auth}
    #'Authorization': 'Basic '+auth}


#*****[Response]*****
response2 = requests.get(url="https://login.microsoftonline.com/************************/adminconsent?client_id=", headers=header2)
print(response2.status_code)
python python-3.x azure python-requests azure-log-analytics-workspace
Original Q&A
1

There are 1 best solutions below

0
Venkatesan On

What token do I use to authenticate to Azure's Log Analytic Workspace?

To authenticate with the Log Analytics API using a service principal, you need to use Azure AD authentication.

You can use the below code to get the access token from Azure AD authentication and it gets the log analytics workspace instance.

Code:

import requests
import json

tenant_id = 'xxx'
client_id = 'xxx'
client_secret = 'xxxx'
resource_id = 'https://management.azure.com/'

# Azure AD OAuth 2.0 token endpoint
token_endpoint = 'https://login.microsoftonline.com/{}/oauth2/token'.format(tenant_id)

token_request_params = {
    'grant_type': 'client_credentials',
    'client_id': client_id,
    'client_secret': client_secret,
    'resource': resource_id
}

# Send OAuth 2.0 token request
token_response = requests.post(token_endpoint, data=token_request_params)
token_response_json = json.loads(token_response.text)
access_token = token_response_json['access_token']

# Use access token to authenticate to Azure Management API
headers = {
    'Authorization': 'Bearer {}'.format(access_token),
    'Content-Type': 'application/json'
}

response = requests.get(url='https://management.azure.com/subscriptions/xxxxx/resourceGroups/xxxx/providers/Microsoft.OperationalInsights/workspaces/xxxx?api-version=2022-10-01', headers=headers)

print(response.status_code)
json_data = json.loads(response.text)
formatted_json = json.dumps(json_data, indent=2)

print(formatted_json)

Output:

200
{
  "properties": {
    "customerId": "xxxx",
    "provisioningState": "Succeeded",
    "sku": {
      "name": "PerGB2018",
      "lastSkuUpdate": "2023-12-26T05:55:01.8522611Z"
    },
    "retentionInDays": 30,
    "features": {
      "legacy": 0,
      "searchVersion": 1,
      "enableLogAccessUsingOnlyResourcePermissions": true
    },
    "workspaceCapping": {
      "dailyQuotaGb": -1.0,
      "quotaNextResetTime": "2023-12-27T03:00:00Z",
      "dataIngestionStatus": "RespectQuota"
    },
    "publicNetworkAccessForIngestion": "Enabled",
    "publicNetworkAccessForQuery": "Enabled",
    "createdDate": "2023-12-26T05:55:01.8522611Z",
    "modifiedDate": "2023-12-26T06:06:29.8714419Z"
  },
  "location": "eastus2",
  "tags": {
    "Reason": "Repro",
    "CreatedDate": "12/26/2023 6:06:29 AM",
    "CreatedBy": "NA",
    "OwningTeam": "NA"
  },
  "id": "/subscriptions/xxx/resourceGroups/xx/providers/Microsoft.OperationalInsights/workspaces/xxxx",
  "name": "jgsai4616096831",
  "type": "Microsoft.OperationalInsights/workspaces",
  "etag": "\"ea00e85b-0000-0200-0000-658a6d650000\""
}

enter image description here

Reference:

Workspaces - Get - REST API (Azure Log Analytics) | Microsoft Learn

Related Questions in PYTHON

Related Questions in PYTHON-3.X

Related Questions in AZURE

Related Questions in PYTHON-REQUESTS

Related Questions in AZURE-LOG-ANALYTICS-WORKSPACE

Trending Questions

Popular # Hahtags

javascript python java c# php android html jquery c++ css ios sql mysql r reactjs node.js arrays c asp.net json

Popular Questions

.

Copyright © 2021 Jogjafile Inc.