From f43e37643038bfd5853bca1f5c9254ae384fd94d Mon Sep 17 00:00:00 2001 From: ashnwade Date: Tue, 9 Jul 2024 10:49:50 -0400 Subject: [PATCH] fix token name --- ingesters/http.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ingesters/http.md b/ingesters/http.md index 7d0c583b..e9c34786 100644 --- a/ingesters/http.md +++ b/ingesters/http.md @@ -528,7 +528,7 @@ tag=gravwell syslog Appname==httpingester Message == "HEC request" Hostname #### Token-Name -Many third party services which are designed to send data to a HEC compatible listener have been observed sending authentication tokens with various random names; the default expected authentication header structure is `Authentication: Splunk `, but we have seen everything from "User" to "user_name". The `Token-Name` configuration parameter can override the Authorization header token name so that the HEC compatible listener can still authenticate and support third party services that do not adhere to the HEC guidance. +Many third party services which are designed to send data to a HEC compatible listener have been observed sending authentication tokens with various random names; the default expected authentication header structure is `Authorization: Splunk `, but we have seen everything from "User" to "user_name". The `Token-Name` configuration parameter can override the Authorization header token name so that the HEC compatible listener can still authenticate and support third party services that do not adhere to the HEC guidance. An example curl command that would authenticate with a `Token-Name` of `foobar` and a `TokenValue` of `soopersekrit` would be: