Security

Storing encrypted credentials and retrieving them

Betelgeuse
Engager

So I've been looking at this blog post from 10 years ago:

https://www.splunk.com/en_us/blog/security/storing-encrypted-credentials.html

But what is outlined there does not seem to work. I have the following setup.xml file:

<setup>
<block title="Specify a Proofpoint token to access logs" endpoint="storage/passwords" entity="_new">
<input field="prooftoken">
<label>Proofpoint token</label>
<type>password</type>
</input>
</block>
</setup>

Per the blog post my token should be stored in app.conf and that is simply not the case.

I have a UI rendered asking me to specify a token (per the .XML above) but upon hitting save, I see no evidence of retention in any .conf file.

Labels (1)

gjanders
SplunkTrust
SplunkTrust
0 Karma

Brainizer
Engager

Just had the same problem. What the documentation does not say is that the field values have to be "username" and "password". One can't define their own

0 Karma
Get Updates on the Splunk Community!

Improve Your Security Posture

Watch NowImprove Your Security PostureCustomers are at the center of everything we do at Splunk and security ...

Maximize the Value from Microsoft Defender with Splunk

 Watch NowJoin Splunk and Sens Consulting for this Security Edition Tech TalkWho should attend:  Security ...

This Week's Community Digest - Splunk Community Happenings [6.27.22]

Get the latest news and updates from the Splunk Community here! News From Splunk Answers ✍️ Splunk Answers is ...