All Apps and Add-ons

Is TA-LDAP currently in development? Can't specify attrs needed in result

jtlatuvm
Engager

Using version 4.0.
I've been able to get basic queries using ldap_filter to work after some edits to myLDAP2.py (the code was overwriting what the user specified in the ldap command)

Now I'm trying to request specific attrs, such as:

| ldap server=ldap.example.com ldap_filter="(uid=username)" attrs="cn"

I get no results. Then looking in myLDAP2.py, around lines 305-318, following the comment:

# check what attributes will be returned, default all

The "default all" case is implemented, but the:

else: # no, we only`enter code here` get certain attributes back

...case isn't implemented at all, it just prints a debug line.

I could probably implement this, but before I spend a lot of time doing so, it would be nice to know:

  • is there a more recent dev version where this is implemented
  • is there a git repo or the like where development for this project is tracked?

Thanks for your time,
Jim

0 Karma
1 Solution

MuS
SplunkTrust
SplunkTrust

Hi jtlatuvm,

Creator of the TA here.

I thought I added it to GitHub already but did not 😞 I have plans to make it Splunk 8, Python 3 compatible in the next few months anyway, but I think I just put it on GitHub first so you can fork/clone it as you like.

Looking forward seeing my silly mistakes I made being corrected :lol:

cheers, MuS

View solution in original post

MuS
SplunkTrust
SplunkTrust

Hi jtlatuvm,

Creator of the TA here.

I thought I added it to GitHub already but did not 😞 I have plans to make it Splunk 8, Python 3 compatible in the next few months anyway, but I think I just put it on GitHub first so you can fork/clone it as you like.

Looking forward seeing my silly mistakes I made being corrected :lol:

cheers, MuS

MuS
SplunkTrust
SplunkTrust
0 Karma

jtlatuvm
Engager

Thanks for setting that up! Once I get some decent (hopefully small) patches I will send you a PR. (github @jtlawson)

Get Updates on the Splunk Community!

This Week's Community Digest - Splunk Community Happenings [9.26.22]

Get the latest news and updates from the Splunk Community here! Upcoming User Group Events! 👏 Check ...

BSides Splunk 2022 - The Call for Papers is now Open!

TLDR; Main Site: https://bsidessplunk.com CFP Site: https://bsidessplunk.com/cfp CFP Opens: December 15th, ...

Sending Metrics to Splunk Enterprise With the OpenTelemetry Collector

This blog post is part of an ongoing series on OpenTelemetry. The OpenTelemetry project is the second largest ...