Splunk SOAR

Configuring App - Error - Missing required fields secrect,key

akg12106
New Member

Hi,
I am installing an App and fill out the required information under Asset Info and Asset settings. Under Asset settings, I enter the the correct username and API key that I get from the vendor portal. However, when I save the configuration, I get a message that pops up (right corner) that reads 'Missing required fields secrect,key'. I do not see any other required fields. Does anyone know what the error means or referencing?

Splunk phantom version 4.5.15922
App is a 3rd party vendor app.

Labels (2)
Tags (1)
0 Karma
1 Solution

phantom_mhike
SplunkTrust
SplunkTrust

I did not dig extensively into the issue you are seeing because that app code is 4 years old. The app version you can get from my.phantom.us right now is far more recent. I would also suggest following the advice in the release notes about deleting old assets and rebuilding them.

PassiveTotal Release Notes - Published by Phantom February 05, 2019

Version 1.2.36 - Released February 05, 2019
Compatibility changes for Phantom release 4.2

Version 1.2.28 - Released February 06, 2018
App action views and Logo updates

Version 1.2.25 - Released August 23, 2017
3.0 compatibility update release only

Version 1.2.23 - Released July 27, 2017
3.0 compatibility update release only

Version 1.2.22 - Released March 23, 2017
Minor error handling fix

Version 1.2.21 - Released December 12, 2016
NOTE: Existing PassiveTotal Assets must be deleted, and a new one must be created after installing this version.
The app has been rewritten to use the new PassiveTotal APIv2, their v1 API has been deprecated
Added "whois ip" and "whois domain" actions
Removed verify server certificate option, we now always validate the certificate

View solution in original post

0 Karma

phantom_mhike
SplunkTrust
SplunkTrust

I did not dig extensively into the issue you are seeing because that app code is 4 years old. The app version you can get from my.phantom.us right now is far more recent. I would also suggest following the advice in the release notes about deleting old assets and rebuilding them.

PassiveTotal Release Notes - Published by Phantom February 05, 2019

Version 1.2.36 - Released February 05, 2019
Compatibility changes for Phantom release 4.2

Version 1.2.28 - Released February 06, 2018
App action views and Logo updates

Version 1.2.25 - Released August 23, 2017
3.0 compatibility update release only

Version 1.2.23 - Released July 27, 2017
3.0 compatibility update release only

Version 1.2.22 - Released March 23, 2017
Minor error handling fix

Version 1.2.21 - Released December 12, 2016
NOTE: Existing PassiveTotal Assets must be deleted, and a new one must be created after installing this version.
The app has been rewritten to use the new PassiveTotal APIv2, their v1 API has been deprecated
Added "whois ip" and "whois domain" actions
Removed verify server certificate option, we now always validate the certificate

0 Karma

akg12106
New Member

Thanks for looking Mhike.
RiskIQ had provided the Github URL but I was able to get 1.2.36 installed successfully. I will continue with the 1.2.36 version. Thanks again for your help and time.

0 Karma

phantom_mhike
SplunkTrust
SplunkTrust

Can you provide the name of the app you are trying to set up? Its pretty hard to check out the problem without being able to look at the app itself.

0 Karma

akg12106
New Member

Hi Mhike,
The app is from RiskIQ and I got the app here, https://github.com/passivetotal/phantom_app.

Thanks

0 Karma
Get Updates on the Splunk Community!

Splunk Classroom Chronicles: Training Tales and Testimonials

Welcome to the "Splunk Classroom Chronicles" series, created to help curious, career-minded learners get ...

Access Tokens Page - New & Improved

Splunk Observability Cloud recently launched an improved design for the access tokens page for better ...

Stay Connected: Your Guide to November Tech Talks, Office Hours, and Webinars!

🍂 Fall into November with a fresh lineup of Community Office Hours, Tech Talks, and Webinars we’ve ...