Latest Version 2.3.0
April 17, 2024
Welcome to the new Splunkbase! To return to the old Splunkbase, click here.
Encrypt and Decrypt data within Events
The purpose of this distribution is to create an easy way to encrypt data within events and decrypt data at search time depending on the role. Read the README.txt on set up and usage.
Built by Nimish Doshi
Compatibility
Not Available
Platform Version: 9.4, 9.3, 9.2, 9.1, 9.0, 8.2
Rating
0
(0)
Log in to rate this app
Support
Not Supported
The purpose of this distribution is to create an easy way to encrypt data within events and decrypt data at search time depending on the role. Read the README.txt on set up and usage.
The basic idea is to first encrypt data within an event and produce a new file with the same content as before, but with the data matching group(1) in a regular expression encrypted and saved on disk using base64. The next thing to do is index the newly required file into Splunk with a sourcetype.
At search time, you will then be able to decrypt the data. Read the README.txt for installation and usage. Two experimental dashboards have been added for Splunk 6+ that you can use in your own app to control access to decrypt.
PLEASE NOTE: Use as is as this is a reference implementation.
Categories
Created By
Nimish Doshi
Type
app
Downloads
3,279
Licensing
Splunk Answers
Resources
Log in to report this app listing