Webhook Authorization Http Header problem.
I am trying to set up a webhook that should send document and deploy events to Splunk via Splunk HEC. I am using the Header key Header Value fields in set up of webhook through subscription but I get an error on misued header name.
It works fine when I send http request with to splunk from my powershell script. . it also work fine when we use serilog to log to Splunk through Splunk HEC
$token = '3CEBFC88-75FD-4FE3-BA83-D5DxxxxxxxA4'
$port = "443"
$header = @{Authorization = "Splunk $token"}
$url = "https://splunklabhec.xxxx/services/collector"
$event = @{
host = $env:computername......
......
}
} | ConvertTo-Json -Depth 3
Invoke-RestMethod -Method Post -Uri $url -Headers $header -Body ([System.Text.Encoding]::UTF8.GetBytes($event))
I can see the request/respons in Fiddler :
But when I try the same from Octoupus Deploy.
I get the error:
Failed to send ‘splunktest’ webhook request. Misused header name. Make sure request headers are used with HttpRequestMessage, response headers with HttpResponseMessage, and content headers with HttpContent objects.
System.InvalidOperationException: Misused header name. Make sure request headers are used with HttpRequestMessage, response headers with HttpResponseMessage, and content headers with HttpContent objects.
at System.Net.Http.Headers.HttpHeaders.CheckHeaderName(String name)
at System.Net.Http.Headers.HttpHeaders.Add(String name, String value)
at Octopus.Server.Schedules.EventNotifications.NotificationCreator.d__16.MoveNext()
Octopus.Server version 2018.9.7 (2018.9.7+Branch.master.Sha.bc1aa5ccec678935363ecf0dc4c018f3a4bafb82)
November 13th 2018 13:31:51Info
‘splunktest’ successfully finished processing.
It looks to me that this an error thrown in Octopus Deploy before anything is sent to our splunkserver since I can’t see that anything is sent to splunk while monitoring all traffic with Fiddler.
I do not understand the error message in the CheckHeaderName method. Why should not Authorization be a valid header key ?
Is this a bug in Octopus? Or have I misunderstood the concept of Webhooks in Octopus? Or should the key be formated differently.
Could you use without validation as suggested here on SO ?
I have tried it on our production Splunk environment and also on a local latest version of Octopus Deploy.