We got the Add-on for JIRA for Splunk Enterprise working ( https://splunkbase.splunk.com/app/1438/ ) however it requires us to authenticate using credentials that are stored in clear text in C:\Program Files\Splunk\etc\apps\jira\local\config.ini, according to the instructions.
Is there some way to avoid that, and have the Splunk end user SSO against it instead? We require this for 2 reasons:
1. For obvious security reasons, we don't want to store the password in plain text on the file system.
2. The account used in config.ini will not necessarily have access to all the JIRA projects anyway, and as a result not return all stories/issues that we're querying for. Each user will be querying for issues in JIRA projects that other users may not have access to. We could use a JIRA admin account, but then refer to point #1 above.
Bonus question: Is there a way to query multiple JIRA instances? We have a few instances that we'd like to reach into at the same time.
So the answer to this is yes and no. In its current iteration, the command cannot do multiple instances and accounts without further modification.
I do however have an unpublished version that encrypts the passwords and allows for different instances. If you're interested in evaluating the version, please contact me for further details. Note that the evaluation version is just that and not fully tested as of yet.
Hi @Flynt Any update on general availability for this? If not, I am interested in the unpublished version that has encryption and supports multiple instances.
Hi Flynt, is it planned to be upgraded on the Splunk Base as new version any time soon? Can you send me the test version of the app unless you have identified significant issue with the version by now.
Thanks Flynt, and yes I'd be interested in trying out the unpublished version with encryption. How can we make the arrangement?
I've sent an email to your account, if you did not receive it please let me know. You can always email me as well so we can get you the code.
Sorry Flynt, I never received anything, and I can't see any way to email you via Splunk> answers. Am I overlooking something.