All Apps and Add-ons
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

Add-on for JIRA: Is it possible to avoid storing password information in clear text in config.ini?

desmondpigott
Explorer
‎10-21-2016 01:47 PM

We got the Add-on for JIRA for Splunk Enterprise working ( https://splunkbase.splunk.com/app/1438/ ) however it requires us to authenticate using credentials that are stored in clear text in C:\Program Files\Splunk\etc\apps\jira\local\config.ini, according to the instructions.

Is there some way to avoid that, and have the Splunk end user SSO against it instead? We require this for 2 reasons:
1. For obvious security reasons, we don't want to store the password in plain text on the file system.
2. The account used in config.ini will not necessarily have access to all the JIRA projects anyway, and as a result not return all stories/issues that we're querying for. Each user will be querying for issues in JIRA projects that other users may not have access to. We could use a JIRA admin account, but then refer to point #1 above.

Bonus question: Is there a way to query multiple JIRA instances? We have a few instances that we'd like to reach into at the same time.

0 Karma
Reply

Flynt
Splunk Employee
Splunk Employee
‎10-24-2016 07:54 AM

So the answer to this is yes and no. In its current iteration, the command cannot do multiple instances and accounts without further modification.

I do however have an unpublished version that encrypts the passwords and allows for different instances. If you're interested in evaluating the version, please contact me for further details. Note that the evaluation version is just that and not fully tested as of yet.

Reply

pradeepkumarg
Influencer
‎05-05-2019 08:23 AM

Hi @Flynt Any update on general availability for this? If not, I am interested in the unpublished version that has encryption and supports multiple instances.

0 Karma
Reply

nil00051
New Member
‎11-13-2018 11:08 AM

Hi Flynt, is it planned to be upgraded on the Splunk Base as new version any time soon? Can you send me the test version of the app unless you have identified significant issue with the version by now.

0 Karma
Reply

desmondpigott
Explorer
‎10-29-2016 02:08 PM

Thanks Flynt, and yes I'd be interested in trying out the unpublished version with encryption. How can we make the arrangement?

0 Karma
Reply

Flynt
Splunk Employee
Splunk Employee
‎10-31-2016 07:54 AM

I've sent an email to your account, if you did not receive it please let me know. You can always email me as well so we can get you the code.

0 Karma
Reply

Flynt
Splunk Employee
Splunk Employee
‎10-31-2016 10:56 AM

Sorry, it's in my profile. You can reach me at fdeboer@splunk.com.

0 Karma
Reply

desmondpigott
Explorer
‎10-31-2016 10:38 AM

Sorry Flynt, I never received anything, and I can't see any way to email you via Splunk> answers. Am I overlooking something.

0 Karma
Reply
Get Updates on the Splunk Community!

Enterprise Security Content Update (ESCU) | New Releases

In December, the Splunk Threat Research Team had 1 release of new security content via the Enterprise Security ...

Why am I not seeing the finding in Splunk Enterprise Security Analyst Queue?

(This is the first of a series of 2 blogs). Splunk Enterprise Security is a fantastic tool that offers robust ...

Index This | What are the 12 Days of Splunk-mas?

December 2024 Edition Hayyy Splunk Education Enthusiasts and the Eternally Curious!  We’re back with another ...