Security

Storing encrypted credentials and retrieving them

Betelgeuse
Engager

So I've been looking at this blog post from 10 years ago:

https://www.splunk.com/en_us/blog/security/storing-encrypted-credentials.html

But what is outlined there does not seem to work. I have the following setup.xml file:

<setup>
<block title="Specify a Proofpoint token to access logs" endpoint="storage/passwords" entity="_new">
<input field="prooftoken">
<label>Proofpoint token</label>
<type>password</type>
</input>
</block>
</setup>

Per the blog post my token should be stored in app.conf and that is simply not the case.

I have a UI rendered asking me to specify a token (per the .XML above) but upon hitting save, I see no evidence of retention in any .conf file.

Labels (1)

gjanders
SplunkTrust
SplunkTrust
0 Karma

Brainizer
Explorer

Just had the same problem. What the documentation does not say is that the field values have to be "username" and "password". One can't define their own

0 Karma
Got questions? Get answers!

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Meet up IRL or virtually!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

Get Updates on the Splunk Community!

Introducing ITSI 5.0: Unified Visibility and Actionable Insights

Introducing ITSI 5.0: Unified Visibility and Actionable Insights Tuesday, July 21, 2026  |  10:00AM PT / ...

Inside Splunk Agent Observability: Understanding Agent Behavior, Tokens & Costs

Inside Splunk Agent Observability:Understanding Agent Behavior, Tokens & Costs Thursday, August 06, ...

From Data to Insight: Announcing the Winners of the Splunk Dashboard Contest

Hi Splunkers, First off, thank you to everyone who participated in our very first From Data to Insight: The ...