Comments (6)
Hi @feldmannb,
I just want to make sure im understanding your use case here:
- multiple companies each with their own Canarytokens server (say canarytokens.company1.com, canarytokens.company2.com)
- Each company has an api token used in sending incidents to your one Splunk installation - this allows Splunk to know which company's incidents are being sent in.
The question then is how you can add that api token to the canarytoken webhhook that sends the events to your Splunk incident? Or is this a question of whether the Canary Splunk addon can support more than one Canarytokens instance sending incidents?
from canarytokens.
from canarytokens.
HI @feldmannb,
Thanks for the explanation. I think there may be some confusion here. Are you a Canary customer? i.e. you have your own Canary Console instance?
from canarytokens.
I am actually a Splunk SE working with a customer who is a Canary customer. It is possible the confusion is on my side or I did not explain the issue clearly or I may be in the wrong Git thread for the customer issue.
The problem is not with anything on the Canary Console it is with the Thinkst Canary Add-On for Splunk (https://splunkbase.splunk.com/app/3980/). The add-on can only be configured with a single API Token and tied to a single Canary Console instance. I have a customer that has multiple operating companies each with their own Canary Console instance but using a single instance of Splunk and as a result a single instance of the Add-On.
from canarytokens.
Hi @feldmannb,
So if you working for a Canary Customer you should totally mail in support [at] canary [dot] tools please. We would be happy to help.
I can tell you though that we are currently working on our Splunk app (so that it adheres to the latest version). We don't support multiple API keys and I dont think we have ever had that request before. If you wouldn't mailing the above address with some details, so that we know how to get hold of you.
In the meantime, ill bring it up with the folks this side and see if we can figure something out.
from canarytokens.
Closing this issue because the Thinkst Canary Add-on for Splunk doesn't apply here. We can route this to actual support for a Canary Customer (also the Splunk App has been updated recently so new issues to follow I'm sure)
from canarytokens.
Related Issues (20)
- Simple Typo Fix on Template HOT 1
- Thwarting Malware HOT 2
- Support Wildcard CORS Headers HOT 9
- Credit Card token (beta) not working HOT 3
- EH HOT 1
- [BUG] "Sensitive command hostname" & "Sensitive command username" or "Sensitive Command Information" missing from alerts HOT 9
- Ability to trigger token based on user
- [BUG] Web bug token serves images with html header HOT 1
- mail HOT 3
- Phone hack HOT 1
- Discord Webhook Support HOT 4
- [BUG] "An error has occurred: Internal Server Error" message when trying to create a credit card token HOT 6
- [BUG] error webhook sent with wrong content-type HOT 1
- Enable wildcard CORS support HOT 12
- [BUG] Unable to add Azure Logic App Webhook URL HOT 4
- [BUG] Microsoft Teams Webhook not functioning HOT 1
- Support IP2Location.io API HOT 4
- [BUG] AWS Keys will not generate with webhook or email HOT 1
- Windows folder token not working HOT 7
- Exploit - CSV Injection HOT 3
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from canarytokens.