![]() | eval lowerversions=if(match(affected,\"and \"), lowerversions.\" and below\", lowerversions) | eval upperversions=if(isnull(upperversions),lowerversions,upperversions) ![]() Match(affected,\"Universal Forwarder\"), \"Universal Forwarder\", Match(affected,\"Splunk Web\"), \"Splunk Web\", Match(affected,\"Splunk Cloud\"), \"Splunk Cloud\", Match(affected,\"Splunk Enterprise\"), \"Splunk Enterprise\", | spath input=curl_message path=.td output=affected | eval pubDateE=floor(strptime(pubDate,"%a, %d %b %Y %T %z")) | spath input=curl_message output=description path= | spath input=curl_message output=pubDate path= | spath input=curl_message output=title path= | spath input=curl_message output=link path= Getting list of vulnerabilities and parsing the results into something useable | eval uri=" | curl method=get urifield=uri | curl method=get uri= user=example splunkpasswdname=example | curl method=post uri= user=admin pass=changeme debug=true headerfield=header datafield=dataĬall localhost but retrieve the password from the password store for username example (requires ) | curl method=get uri= splunkauth=true | table curl* GET data from uri, passing existing session key: | curl method=get uri= user=admin pass=changeme timeout=0.001 | table curl* GET data from uri, specifing user, pass, and very short timeout: | curl splunkauth= splunkpasswdname="username_in_passwordsconf" splunkpasswdcontext="appcontext" timeout=float sleep=timeInSecsBetweenCurls] It will allow you to store the passwords in the splunk password store (encrypted) and then use those credentials with the 'splunkpasswdname' and 'splunkpasswdcontext' curl command options. If you want to use passwords in conjunction with the curl SPL command, you will want to install this app as well. ![]() I actively support my apps and am anxious to receive any feedback. TIA!!! Please tag me on or call 1-844-4SPLUNK if you have any issues. IF YOU LIKE THIS APP, PLEASE LEAVE A RATING.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |