criblio / collector-templates

Templates for Cribl Stream Collectors
MIT License

Duo administrator/authentication logs #1

Closed grimmthetallest closed 1 month ago

grimmthetallest commented 11 months ago

This collector template would be very helpful to have - there was at least one discussion on the community forum that discussed the particular HMAC requirements for the REST endpoints used with no clear answer.

I think a collect header starting with C.Crypto.createHmac('SHA1', `${C.Time.strftime(new Date().getTime()/1000, '%a, %d %b %Y %H:%M:%S %Z')} followed by the rest of the multi-line payload would probably work, but I'm unsure how to make sure the HTTP Date: header sent by Cribl exactly matches that same value... can it also be assigned in the headers with some variable like {latest}?

Thanks!

grimmthetallest commented 11 months ago

Docs for the API endpoints and HMAC requirements are at https://duo.com/docs/adminapi

bdalpe commented 11 months ago

This feature is being tracked internally by CRIBL-9726. Setting this ticket as blocked.

bdalpe commented 2 months ago

This is now unblocked with the release of Cribl 4.8: https://docs.cribl.io/stream/hmac-functions/