Skip to main content
Splunk Lantern

Request headers in API checks

Request headers may be a critical part of requirements for an active monitoring test’s configuration in order to effectively simulate a transaction. You might want to test API transactions that involve request headers when doing the following:

Prerequisites 

In order to execute this procedure in your environment, the following data, services, or apps are required:

Example

Request headers can include rules and settings to define how an HTTP transaction should operate. There is a standard set of supported request header types that have specific names and purposes. Some common examples of request headers are:

  • Authorization. Send credentials for basic HTTP authentication to give permission for access.
  • Cache-Control. Tell the browser how long a resource is eligible to be cached and reused.
  • Content-Type. Tell a server the MIME type of the body of a request so that the server knows how to parse the data.
  • Cookie. Set a cookie to be stored in the browser so we can track state or sessions.

Some developers may also implement custom request headers with custom names. It’s common to see custom request headers with a prefix of “X,” for example: X-Http-Method-Override could override the request method from something like POST to another method like PUT or DELETE.

To monitor the availability, response time, and data quality for transactions with APIs, use Splunk's API check to set request headers with each request as part of a transaction.

Consider a scenario where you need to POST username and password credentials to access some information. After you're logged in at that endpoint, you need to store and set a session ID in order to pre-populate other components specific to our session.

When building the steps for an API check, click + Add a Request Header to supply one or more headers at each request step.

clipboard_e8941b1f86242206376b631425fd08a69.png

Results

You can add more functional steps to this transaction or add an Assert step to confirm that the session ID is set as expected.

  • Was this article helpful?