[Bug] Splunk search analyzer - Password is not hidden

[Tyrell20]

Describe the bug
The configuration of all Splunk Search Analyzer show the password's field in cleartext

To Reproduce
Steps to reproduce the behavior:

1. Login to Cortex
2. Go to Organization -->Analyzers
3. Search Splunk Analyzers and open configuration
4. Insert password. It showed as cleartext

Expected behavior
Password's field must be hidden

Work environment

• RHEL 7.6:

• Cortex Version: 3.0.1-1

• TheHive Version: 4.0.0-1

• Browse type and version:

• Cortex version:

• Cortex Analyzer/Responder name: Splunk_Search_Domain_FQDN_3_0

• Cortex Analyzer/Responder version: Version: 3.0

Possible solutions
Change json file about configuration does not work correctly

[dadokkio]

I think is not a bug, probably a feature request because all password and key at the moment are showed in clear text in all responders and analyzers.

[Tyrell20]

Hi @dadokkio many thanks for your feedback. Waiting this do you know any workaround in order to hide the password?.
I tried changing the json file with no success. In fact both option:hidden under type:string
or change type from to string to password
do not work as expected.

Many thanks

[jeromeleonard]

This is not a bug. Cortex should be improved to manage sensitive data such as api keys/password. An issue has been added for Cortex here: TheHive-Project/Cortex#319

[dadokkio]

Closed since issue opened in cortex