When I encrypt an HEC token (using the tool https://pypi.org/project/splunksecrets/), I get 'invalid token' errors when sending events to it via curl.
Is there a config to tell splunk that the HEC token should be encrypted?
I tried to play with 'encrypt_fields' in server.conf to state that this field should be encrypted, but that option is only availbale under shclustering stanza.
So is it possible currently?
... View more