microsoft / msticpy

Microsoft Threat Intelligence Security Tools

Loading the credentials from msticpyconfig.yaml on SplunkUploader #693

Closed Tatsuya-hasegawa closed 6 months ago

Tatsuya-hasegawa commented 11 months ago

Is your feature request related to a problem? Please describe.

This is a security concern about plain-text credentials in the Jupyter Notebook file.

from msticpy.data.uploaders.splunk_uploader import SplunkUploader
spup = SplunkUploader(username=USERNAME, host=HOST, password=PASSWORD)

Describe the solution you'd like

QueryProviders can pull the credentials from msticpyconfig.yaml. I would like you to do the same in this Uploader too.

Describe alternatives you've considered

Instead of username/password, an access token is available in Splunk.

Additional context

A plain-text login credential is dangerous if a user uploads the .ipynb file to GitHub and so on.

Thank you. Best regards
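
A pre-commit style check for the risk described in this issue, added here as an example (it is not code from msticpy or from the participants in this thread): it parses a notebook's code cells and reports string literals assigned or passed to secret-like names. The `SECRET_NAMES` list and the sample notebook are assumptions constructed for illustration.

```python
import ast
import json

# Names treated as secrets (assumed list, compared case-insensitively).
SECRET_NAMES = {"password", "passwd", "pwd", "token", "secret", "api_key"}

def _is_literal_str(node):
    # Non-empty string constants only; variables and calls are not flagged.
    return isinstance(node, ast.Constant) and isinstance(node.value, str) and node.value != ""

def find_plaintext_secrets(notebook_json):
    """Return (cell_index, line, name) for each string literal bound to a secret-like name."""
    findings = []
    for idx, cell in enumerate(json.loads(notebook_json).get("cells", [])):
        if cell.get("cell_type") != "code":
            continue
        src = cell.get("source", "")
        text = src if isinstance(src, str) else "".join(src)
        # Blank out IPython magics and shell escapes so ast can parse the cell
        # while line numbers stay aligned with the notebook.
        lines = ["" if l.lstrip().startswith(("%", "!")) else l for l in text.splitlines()]
        try:
            tree = ast.parse("\n".join(lines))
        except SyntaxError:
            continue  # cell that still does not parse is skipped, not reported
        for node in ast.walk(tree):
            if isinstance(node, ast.Assign) and _is_literal_str(node.value):
                for target in node.targets:
                    if isinstance(target, ast.Name) and target.id.lower() in SECRET_NAMES:
                        findings.append((idx, node.lineno, target.id))
            elif isinstance(node, ast.Call):
                for kw in node.keywords:
                    if kw.arg and kw.arg.lower() in SECRET_NAMES and _is_literal_str(kw.value):
                        findings.append((idx, kw.value.lineno, kw.arg))
    return findings

# Constructed sample notebook (not from the issue). Cell 1 assigns PASSWORD as a
# literal, cell 2 passes the variable on, cell 3 passes a literal directly.
SAMPLE_NOTEBOOK = json.dumps({"cells": [
    {"cell_type": "markdown", "source": ["# Upload to Splunk"]},
    {"cell_type": "code", "source": ["%load_ext autoreload\n", "HOST = 'splunk.example.test'\n", "PASSWORD = 'constructed-value'\n"]},
    {"cell_type": "code", "source": ["spup = SplunkUploader(username=USERNAME, host=HOST, password=PASSWORD)\n"]},
    {"cell_type": "code", "source": ["spup2 = SplunkUploader(host=HOST, password='constructed-value')\n"]},
]})

if __name__ == "__main__":
    for cell, line, name in find_plaintext_secrets(SAMPLE_NOTEBOOK):
        print(f"cell {cell} line {line}: string literal bound to {name}")
```

The call in cell 2 is not reported because its password argument is a variable; the finding is raised where that variable receives its literal value.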

Tatsuya-hasegawa commented 9 months ago

Thanks for accepting.

I'm trying to modify the code so that the credentials can be loaded from msticpyconfig.yaml in SplunkUploader as well. However, I don't know how the Query Provider accesses the loaded credentials after init_notebook().

I'd be happy if you could explain it to me or point me to the specific code location.

ianhelle commented 9 months ago

It should already be set up to load settings (including secrets like password) from msticpyconfig.yaml. Is the token in this case a long-term cred (like an API key) or more like an Azure/OAuth token that you obtain and use for a short period? If it is an LT credential you can add an entry to the "args" subkey in the splunk settings. These are all read into a dictionary (cs_dict) which is used for connect params if no command line args are passed to connect().

Tatsuya-hasegawa commented 8 months ago

Thank you for your reply. I'm sorry I couldn't respond for a long time. It is an LT credential and I can't find the code that loads the settings from msticpyconfig.yaml. I'm continuing to track this idea.

Tatsuya-hasegawa commented 8 months ago

I have managed to resolve this issue. I will post a new PR soon. :) As ianhelle said, it was not difficult.

Tatsuya-hasegawa commented 6 months ago

This feature request has been merged in https://github.com/microsoft/msticpy/pull/731