I have a Python script in an External Lookup app which makes REST GET calls to a third party endpoint which requires basic authentication (username/password). How can I make those authentication credentials editable through a graphical interface/dashboard in Splunk? This answer states that there is no way to pass authentication into External Lookup scripts: https://community.splunk.com/t5/Splunk-Search/Pros-and-Cons-External-lookup-script-vs-custom-search-command/m-p/15922 I am aware of the possibility to create a setup page (https://dev.splunk.com/enterprise/docs/developapps/manageknowledge/setuppage/) for my app so credentials can be written into a custom conf file in the "<app_name>/local" folder and then parsed by the Python script but the credentials would be readable due to being written in plaintext. Is there a way to obfuscate the credentials but then easily use them through Python?
... View more
I am working on an app that will have an interactive UI where you could input a hash value and afterwards the app would gather data through a REST API and return it to a Splunk index so it can later be searched and visualized.
I was looking at the Splunk Add-on Builder, but couldn't manage to find if there is an easy way to make it work only once, as there is only an option to run it in specific intervals.
... View more