Dashboards & Visualizations
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

HEC : Can we encrypt the token values ?

adiop
New Member
‎10-30-2019 09:08 AM

When I encrypt an HEC token (using the tool https://pypi.org/project/splunksecrets/), I get 'invalid token' errors when sending events to it via curl.

Is there a config to tell splunk that the HEC token should be encrypted?

I tried to play with 'encrypt_fields' in server.conf to state that this field should be encrypted, but that option is only availbale under shclustering stanza.

So is it possible currently?
Thanks!

0 Karma
Reply

starcher
SplunkTrust
SplunkTrust
‎10-30-2019 12:17 PM

No and really there is no need to encrypt the HEC tokens.

0 Karma
Reply
Get Updates on the Splunk Community!

Data Preparation Made Easy: SPL2 for Edge Processor

By now, you may have heard the exciting news that Edge Processor, the easy-to-use Splunk data preparation tool ...

Introducing Edge Processor: Next Gen Data Transformation

We get it - not only can it take a lot of time, money and resources to get data into Splunk, but it also takes ...

Tips & Tricks When Using Ingest Actions

Tune in to learn about:Large scale architecture when using Ingest ActionsRegEx performance considerations ...