Hi,
I'm currently trying to get the auth token that can be used for rest apis without exposing my password. Since it is a mod input script, I am using passAuth = <user> in inputs.conf. This provides me the auth token via stdin, but it is exposing some information that I would not like exposed. The stdin that I get is "sessionKey=abcd1234" for example. Is there a way to omit the "sessionKey=" part and only return the session key?
https://docs.splunk.com/Documentation/Splunk/8.2.1/Admin/Inputsconf
https://docs.splunk.com/Documentation/SplunkCloud/8.2.2105/AdvancedDev/ModInputsIntro
Alternatively, is there another way to retrieve the session key / auth token without including the password in my script?
Thanks!