Graylog 4.3.10+6cb2860 (Debian 11.0.16 on Linux 5.10.0-20-amd64)
I created a Lookup Adapter (http jsonpath), along with the requisite Headers (Accept: and Authorization: Bearer token) and that works. I submit a key and the data is returned. However, the bearer token expires 30 minutes after issue. It is not feasible to re-issue, copy, delete the Authorization header entry, re-create it, then paste in the new token every 30 minutes. I have tried to create an environmental variable called $token, and send that to the Authorization header entry as:
Authorization Bearer $token
But this does not work. And I really need it to. Has anyone done this successfully?
I have also verified that an “echo $token” from cli yields the correct token. Graylog is just not reading it.
Yeah I can programmatically refresh the token, it’s just a matter of setting that bearer token in Graylog automatically, since Graylog apparently doesn’t support oauth 2.0 in http json lookup adapters. Which in a way is odd, since supposedly if it did, it would do all of this automatically.