This add-on supports the latest v3 API. For details refer - https://haveibeenpwned.com/API/v3
Enter your API key in the App setup page.
Manage Apps -> Click Set up against 'HaveIBeenPwnedAPI' app -> Enter API key under 'API key' section.
<base_query> | hibp field=<emailfield>
produces new field called Pwned_Details and it has three possible values :
if email found - > produces result with Breach Title,Date, DataClases
if email not found -> produces static message "Not Pwned"
if not above two cases -> produces "Error: Response Code -XXX"
In Windows platform, after configuring the 'API Key' (using 'Setup' option in the App management page), below configuration file is created in 'UTF-8 BOM' format. This might break the script that is used for 'hibp' command.
Convert the format of '$SPLUNK_HOME\etc\apps\TA-hibp-api\local\hibpq.conf' file from 'UTF-8 BOM' to 'UTF-8' to fix the issue in Windows platform.
App Icons and Documentation added.
Splunk AppInspect evaluates Splunk apps against a set of Splunk-defined criteria to assess the validity and security of an app package and components.
As a Splunkbase app developer, you will have access to all Splunk development resources and receive a 10GB license to build an app that will help solve use cases for customers all over the world. Splunkbase has 1000+ apps and add-ons from Splunk, our partners and our community. Find an app or add-on for most any data source and user need, or simply create your own with help from our developer portal.