Closed Tatsuya-hasegawa closed 6 months ago
Thanks for the accept.
I'm trying to modify the codes in order to be able to load the credentials from msticpyconfig.yaml even if SplunkUploader. However I don't know how Query Provider accesses the loaded credentials after init_notebook().
I'm happy if you teach me it or point the specific code location.
It should already be set up to load settings (including secrets like password) from msticpyconfig.yaml. Is the token in this case a long-term cred (like an API key) or more like an Azure/Oauth token that you obtain and use for a short period. If it is a LT credential you can add an entry to the "args" subkey in the splunk settings. These are all read into a dictionary (cs_dict) which is used for connect params if no command line args are passed to connect().
Thank you for your reply. I'm sorry I couldn't notify for a long time. It is a LT credential and I don't find the code loading the settings from msticpyconfig.yaml. I'm continuing the track of this idea.
I have accomplished to resolve this issue. I will post a new PR soon. :) As ianhelle said, it was not difficult.
This future request has been merged in https://github.com/microsoft/msticpy/pull/731
Is your feature request related to a problem? Please describe. This is a security concern about plain text credential in the JupyterNotebook file.
Describe the solution you'd like QueryProviders can pull the credentials from msticpyconfig.yaml. I would like you to do the same in this Uploader too.
Describe alternatives you've considered Instead of Username/Password , Access Token is available in Splunk.
Additional context Plain text login credential is danger opportunity if user upload the .ipynb file to github and so on.
Thank you. Best regards