All Apps and Add-ons
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

mfa is it possible with just api key,mfa enabled on all accounts

awayne1
New Member
‎12-31-2018 07:40 AM

I am have working on getting the github addon to work but having some difficulty

I am able to write a script against our github with my api key but I have not been successful in implementing the addon in splunk.

we have mfa enabled on ALL accounts including mine but I can write scripts,So is it not possible at all to get this plugin to work with mfa enabled on all accounts?

The details section is unclear if there is a way to get the addon to work bc of the mention of API key

Like I can script a script with an API key on an account that has MFA enabled and get data

0 Karma
Reply

awayne1
New Member
‎01-10-2019 05:26 AM

We are using github.com no internal instance

0 Karma
Reply

edavison
Explorer
‎01-07-2019 07:04 AM

I'll need a little more detail on whether you're accessing GitHub.com or an internal GitHub Enterprise server. If this is an internal server, there are some configurations that admins can enable that could prevent the app from working.

The app will function with MFA accounts as long as the API token is created with the proper permissions and has permissions to the orgs/repos it is being configured to access. All that is required is to use the token as the password.

Check the internal logs for errors from the inputs and you may consider enabling debug logging in the app to see more detail. If that isn't useful for identifying the issue, post back some of the logs output.

0 Karma
Reply

datamine
Loves-to-Learn Lots
‎10-30-2019 07:30 AM

hi @edavison

how do these python programs are called?

in inputs.conf i see the stanza name same as python program. Am i right?

[github_api_repos_stats]
start_by_shell = false
sourcetype = github:repos:stats
interval = 86400
disabled = 0

[github_api_repos_commits]
start_by_shell = false
sourcetype = github:repos:commits
interval = 3600
disabled = 0

[github_api_repos_issues]
start_by_shell = false
sourcetype = github:repos:issues
interval = 86400
disabled = 0

Thanks,
Devon

0 Karma
Reply
Get Updates on the Splunk Community!

Observe and Secure All Apps with Splunk

  Join Us for Our Next Tech Talk: Observe and Secure All Apps with SplunkAs organizations continue to innovate ...

Splunk Decoded: Business Transactions vs Business IQ

It’s the morning of Black Friday, and your e-commerce site is handling 10x normal traffic. Orders are flowing, ...

Fastest way to demo Observability

I’ve been having a lot of fun learning about Kubernetes and Observability. I set myself an interesting ...