Skip to content

Securing Credentials

By default you configure credentials for access to external systems in the yaml file in plain-text. That may be okay in some scenarios, but ideally credentials should be stored in a credential manager.

The LogSentinel Collector has built-in support for HashiCorp Vault.

For each collector configuration that requires credentials, instead of the username/password or key/secret` pairs, a property calledvaultTokencan be specified which points to theusername/passwordorkey/secret`` entry in HashiCorp Vault.

In order for that to work, connection to vault should be configured, as follows:

vaultToken: ... # token to access the HasiCorp Vault
vaultUri: https://localhost:8200 # URI to connect to Vault