Splunk Trustar

introduction this guide tells you how to authenticate the splunk trustar connector in swimlane using oauth 2 0 client credentials you will collect your trustar api credentials, confirm required endpoints, and configure the connector in swimlane prerequisites trustar access requirements you must have trustar permissions to • access trustar station (account settings) to generate or retrieve api credentials • confirm your tenant/environment details for api access required credentials during setup, you will collect • api base url • token url • api key (used as client id) • api secret (used as client secret) urls api base url the trustar rest api is accessible at the following base url https //api trustar co/api/2 0 token url use the following token url to obtain an oauth 2 0 access token https //api trustar co/oauth/token trustar setup take the following steps to generate or retrieve your trustar api credentials 1\ log in to trustar station 2\ navigate to your account settings 3\ generate or retrieve your api access key and api secret 4\ copy and save the following values • api key (used as client id in swimlane) • api secret (used as client secret in swimlane) connector configuration in swimlane log in to turbine from the left hand navigation pane, click orchestration and click assets asset homepage opens click the + icon to open the configure your connector asset window select splunk trustar from the asset type list fill in the asset settings and asset input as shown field description required/optional url trustar api base url (for example https //api trustar co/api/2 0) required token url token url (https //api trustar co/oauth/token) required client id the api key from trustar required client secret the api secret from trustar required scope optional, leave blank unless specified optional verify ssl enable/disable ssl verification optional http proxy optional proxy configuration optional fields with marks are required click create troubleshooting if you encounter a 401 or 403 error • verify the api key and api secret are correct and not revoked • confirm you are using the correct token url • confirm the base api url is correct (https //api trustar co/api/2 0) • regenerate the api secret if required and update the asset in swimlane you have successfully authenticated the splunk trustar connector in swimlane