Configure credentials on Box for the Splunk Add-on for Box
Box uses OAuth 2.0 for authentication and authorization. For the Splunk Add-on for Box to collect data from the Box APIs, you must obtain an OAuth 2.0 client ID and client secret from Box. Before you attempt to set up the Splunk Add-on for Box, use the following steps to configure a Box client app and obtain these credentials.
Refer to Box documentation for more details and additional reference information.
- Log in to Box using an existing Box account.
The role of the Box account that you use for this configuration step affects the scope of the data you can gather with the add-on. The account and the credentials are persistent, explicitly have more than read-only permissions in Box, and and not just used to establish an API key for the nodes to communicate:
- If you use a Box account with the admin role, the add-on has permissions to gather all metadata of all files and folders and all enterprise events for your entire organization through the Box APIs.
- If you use a Box account with a co-admin role, you need to enable the permission to "Run new reports and access existing reports" for that account.
- If you use an account with a user role, you may not be able to collect all data.
- Go to https://app.box.com/developers/services/edit/.
- Select Custom App and click Next to create a Box Application.
- Select Standard OAuth 2.0 (User Authentication) and click Next.
- Type a unique name for your application and click Create App. Box displays a message informing you that your app has been created.
- Click View Your App. Box directs you to the application configuration page.
- Next to OAuth 2.0 Redirect URI, in the Redirect URI field, enter the SSL-secured HTTPS URI of the Splunk Platform instance that you want to be responsible for data collection from Box, usually a heavy forwarder. For example, if the URL of your heavy forwarder is
http://<host>:8000/en-US/app/Splunk_TA_box/splunk_ta_box_redirect, then the redirect URI is exactly the same as this. The OAuth 2.0 specification only supports HTTPS redirects, which means you need turn on SSL for Splunk Web on the instance you are using for Box data collection. Refer to Turn on encryption (https) with Splunk Web in the Splunk Enterprise security documentation for details on how to turn on SSL for Splunk Web.
- Next to Application Scopes, select the following options based on the data you want to pull from your Box account:
Application Scope Uses Read all files and folders stored in Box. Gets data of
Foldersendpoint (Collect folder metadata, Collect folder collaboration, Collect file metadata).
Read and write all files and folders in Box. Gets data of
Foldersendpoint (Collect tasks and comments).
Manage users. Gets data of
Manage groups. Gets data of
Manage enterprise properties. Gets data of
If the application scopes are changed after configuring your account in the Splunk Add-on for Box, the Box account will have to be reconfigured in the Box add-on to generate a new token with the upgraded, and downgraded access.
- Note down the Client ID and Client Secret next to OAuth 2.0 Credentials. You need this when you set up the Splunk Add-on for Box.
- Click Save Changes.
Upgrade the Splunk Add-on for Box
Set up the Splunk Add-on for Box
This documentation applies to the following versions of Splunk® Supported Add-ons: released, released