Support for EU cloud instance

[jpclipffel]

Problem

When deployed on Splunk Cloud or Splunk on-premises, the add-on fails to consume events from bitwarden.eu (European) cloud instance.

Cause

The configuration generator package/appserver/static/javascript/views/setup_page.js determine if a server is a cloud instance by looking for an exact match for https://bitwarden.com, and ignore actual server host when generating the configuration:

// Update script.conf
const isBitwardenCloud = serverUrl === "https://bitwarden.com" || serverUrl === "bitwarden.com";
const apiUrl = isBitwardenCloud ? "https://api.bitwarden.com" : serverUrl + "/api/";
const identityUrl = isBitwardenCloud ? "https://identity.bitwarden.com" : serverUrl + "/identity/";

Temporary solution

Manually patch the generated configuration file ${SPLUNK_HOME}/etc/apps/bitwarden_event_logs/local/script.conf from:

[config]
apiUrl = https://bitwarden.eu/api
identityUrl = https://bitwarden.eu/identity

To:

[config]
apiUrl = https://api.bitwarden.eu/
identityUrl = https://identity.bitwarden.eu/

I confirm I am collecting Bitwarden events as excepted after applying this patch.

Proper solution

Patch the configuration generator package/appserver/static/javascript/views/setup_page.js as follow:

• Parse server URL as an URL object
• Support for non-US region (e.g. bitwarden.eu)
• Use server's host value when templating the configuration

[bitwarden-bot]

Thank you for your report! We've added this to our internal board for review. ID: PM-10035