Scenario:- we have pas sever who generally does the va scan of all the environment now we need to integrate this with splunk
Problem statement:-the pas server run queries on the data and is storing it in a virtual directory in itslef now the client has installed the windows iis webserver and hosted this directory on a https url and the reports are showing on a url as
E.g url/report1, url/report2 etc.
Client has created a service account and password for security to login to website and access the reports.
Now we have 3 things:- https url, username and password.
Which method of integration i should go with?
Note :- client said no to u.f installation on the windows server and i checked and found no addon on splunkbase
Correct me on Possible solution:-
1) use the inbuilt rest api method but instead of username and password i should ask him for api key?
2)if he cant provide api key then i need to go to addon builder and then create an addon with username and password as authentication? Has anybody worked on this? Is there any documentation avaiy with you? I am not sure of this method
3) use curl command and also put creds and download the report to another server and then use u.f on it to send to splunk. I am not sure of this method due to security concerns.