https://community.splunk.com/t5/All-Apps-and-Add-ons/Rundeck-App-for-Splunk-token-value-exposed-in-log-events/m-p/391332#M47767 <P>Hello,</P> <P>During troubleshooting, I noticed token value is exposed in clear text in some log events... That is not very good from a security perspective. Could you please fix that... below a sample event:</P> <PRE><CODE>09-25-2018 04:42:08.751 +0000 ERROR ExecProcessor - message from "python &lt;...&gt;/splunk/etc/apps/rundeck_app/bin/rundeck.py" ERROR:Rundeck:rundeck://users : HTTP Request error: 400 Client Error: Bad Request for url: <A href="https://&lt;FQDN&gt;/api/18/user/list?authtoken=&lt;MY" target="test_blank">https://&lt;FQDN&gt;/api/18/user/list?authtoken=&lt;MY</A> TOKEN !&gt; </CODE></PRE> <P>Regards.</P> Tue, 25 Sep 2018 04:46:30 GMT sylbaea 2018-09-25T04:46:30Z https://community.splunk.com/t5/All-Apps-and-Add-ons/Rundeck-App-for-Splunk-token-value-exposed-in-log-events/m-p/391332#M47767 <P>Hello,</P> <P>During troubleshooting, I noticed token value is exposed in clear text in some log events... That is not very good from a security perspective. Could you please fix that... below a sample event:</P> <PRE><CODE>09-25-2018 04:42:08.751 +0000 ERROR ExecProcessor - message from "python &lt;...&gt;/splunk/etc/apps/rundeck_app/bin/rundeck.py" ERROR:Rundeck:rundeck://users : HTTP Request error: 400 Client Error: Bad Request for url: <A href="https://&lt;FQDN&gt;/api/18/user/list?authtoken=&lt;MY" target="test_blank">https://&lt;FQDN&gt;/api/18/user/list?authtoken=&lt;MY</A> TOKEN !&gt; </CODE></PRE> <P>Regards.</P> Tue, 25 Sep 2018 04:46:30 GMT https://community.splunk.com/t5/All-Apps-and-Add-ons/Rundeck-App-for-Splunk-token-value-exposed-in-log-events/m-p/391332#M47767 sylbaea 2018-09-25T04:46:30Z https://community.splunk.com/t5/All-Apps-and-Add-ons/Rundeck-App-for-Splunk-token-value-exposed-in-log-events/m-p/391333#M47768 <P>Thank you for pointing this out. We're looking at it and will have a workaround and/or fix as soon as possible.</P> <P>Paul M. Lambert<BR /> Platform Solutions Architect<BR /> Rundeck, Inc</P> Tue, 25 Sep 2018 20:24:35 GMT https://community.splunk.com/t5/All-Apps-and-Add-ons/Rundeck-App-for-Splunk-token-value-exposed-in-log-events/m-p/391333#M47768 plambert 2018-09-25T20:24:35Z https://community.splunk.com/t5/All-Apps-and-Add-ons/Rundeck-App-for-Splunk-token-value-exposed-in-log-events/m-p/391334#M47769 <P>If you need an immediate workaround, please comment out line 346 of <CODE>$SPLUNK_HOME/etc/apps/rundeck_app/bin/rundeck.py</CODE>.</P> <P>We will have a new version&nbsp;with the correct fix (and not a workaround) released as soon as we can.</P> <P>Thank you again for noticing and reporting this.</P> <P>Paul M. Lambert<BR /> Platform Solutions Architect<BR /> Rundeck, Inc</P> Tue, 25 Sep 2018 23:29:47 GMT https://community.splunk.com/t5/All-Apps-and-Add-ons/Rundeck-App-for-Splunk-token-value-exposed-in-log-events/m-p/391334#M47769 plambert 2018-09-25T23:29:47Z https://community.splunk.com/t5/All-Apps-and-Add-ons/Rundeck-App-for-Splunk-token-value-exposed-in-log-events/m-p/391335#M47770 <P>Please reach out to me at <A href="mailto:plambert@rundeck.com">plambert@rundeck.com</A> for a patched version of the application that we expect will resolve this issue. If you're able to take the time to verify in your environment that it is resolved, then we will give you the chance to do so before publishing it.</P> <P>If you don't have the time to verify, we understand, just let me know and the updated version will be published soon after.</P> <P>Paul M. Lambert<BR /> Platform Solutions Architect<BR /> Rundeck, Inc</P> Tue, 02 Oct 2018 22:27:06 GMT https://community.splunk.com/t5/All-Apps-and-Add-ons/Rundeck-App-for-Splunk-token-value-exposed-in-log-events/m-p/391335#M47770 plambert 2018-10-02T22:27:06Z https://community.splunk.com/t5/All-Apps-and-Add-ons/Rundeck-App-for-Splunk-token-value-exposed-in-log-events/m-p/391336#M47771 <P>just sent you a mail. Thanks.</P> Tue, 02 Oct 2018 22:32:16 GMT https://community.splunk.com/t5/All-Apps-and-Add-ons/Rundeck-App-for-Splunk-token-value-exposed-in-log-events/m-p/391336#M47771 sylbaea 2018-10-02T22:32:16Z https://community.splunk.com/t5/All-Apps-and-Add-ons/Rundeck-App-for-Splunk-token-value-exposed-in-log-events/m-p/391337#M47772 <P>Version 1.0.2 of <A href="https://splunkbase.splunk.com/app/4120/">The Rundeck App for Splunk</A> is now available in Splunkbase and addresses this issue. Thank you for your feedback!</P> Fri, 26 Oct 2018 21:55:44 GMT https://community.splunk.com/t5/All-Apps-and-Add-ons/Rundeck-App-for-Splunk-token-value-exposed-in-log-events/m-p/391337#M47772 plambertrundeck 2018-10-26T21:55:44Z