Hi All,
we are trying to install the ServiceNow Security Operations add-on for Splunk, and after we add in the required details including the password, we cannot locate where the password is being stored.
Was expecting a passwords.conf to be created with the password encrypted, but am not seeing anything in:
/opt/splunk/etc/apps/TA-ServiceNow-SecOps/default
Or in
/opt/splunk/etc/apps/TA-ServiceNow-SecOps/local
ServiceNow Security Operations Addon | Splunkbase
We do have a sn_sec_instance.conf created in /local, but it only lists the url of our ServiceNow instance and the username.
thanks
Hi @becksyboy
You can put the password in same file sn_sec_instance.conf and there is no separate password file, these are the allowed settings in file.
[sn_instance]
url =
username = splunk_sec_integration
password =
proxy_url =
proxy_port =
proxy_username =
proxy_password =
---
An upvote would be appreciated and Accept solution if this reply helps!
Thanks @venkatasri
yep am aware of that, but when we use the older version of this app: ServiceNow Security Operations | Splunkbase if you enter the parameters in via the gui, the password is encrypted into a passwords.conf file automatically.