All Apps and Add-ons

ServiceNow Security Operations add-on for Splunk - missing passwords.conf?

becksyboy
Communicator

Hi All,

we are trying to install the ServiceNow Security Operations add-on for Splunk, and after we add in the required details including the password, we cannot locate where the password is being stored.

Was expecting a passwords.conf to be created with the password encrypted, but am not seeing anything in:

/opt/splunk/etc/apps/TA-ServiceNow-SecOps/default

Or in

/opt/splunk/etc/apps/TA-ServiceNow-SecOps/local

ServiceNow Security Operations Addon | Splunkbase

We do have a sn_sec_instance.conf created in /local, but it only lists the url of our ServiceNow instance and the username.

thanks

Labels (1)
Tags (1)
0 Karma

venkatasri
SplunkTrust
SplunkTrust

Hi @becksyboy 

You can put the password in same file sn_sec_instance.conf and there is no separate password file, these are the allowed settings in file.

[sn_instance]
url =
username = splunk_sec_integration
password =
proxy_url =
proxy_port =
proxy_username =
proxy_password =

---

An upvote would be appreciated and Accept solution if this reply helps!

0 Karma

becksyboy
Communicator

Thanks @venkatasri 

yep am aware of that, but when we use the older version of this app: ServiceNow Security Operations | Splunkbase if you enter the parameters in via the gui, the password is encrypted into a passwords.conf file automatically.

 

 

 

0 Karma
Get Updates on the Splunk Community!

Introduction to Splunk Observability Cloud - Building a Resilient Hybrid Cloud

Introduction to Splunk Observability Cloud - Building a Resilient Hybrid Cloud  In today’s fast-paced digital ...

Observability protocols to know about

Observability protocols define the specifications or formats for collecting, encoding, transporting, and ...

Take Your Breath Away with Splunk Risk-Based Alerting (RBA)

WATCH NOW!The Splunk Guide to Risk-Based Alerting is here to empower your SOC like never before. Join Haylee ...