Working with secrets and sensitive values with the Uptime App

Hi there!

I'm investigating the best way to monitor API uptime, and I have checked out the synthetics samples.
A lot of APIs under test require authentication, thus some sort of credentials needs to be available during the test. The section working with secrets and sensitive values informs on how to provide secrets via Heartbeat's keystore, however there is no guidance when it comes to using the Uptime App directly and its ELK-managed test locations.
Is it perhaps not possible at all?

Hello @Marchelune,

Uptime App uses Heartbeat "behind the scenes", therefore what is valid for heartbeat is also valid for Uptime App.

If it does not answers your question, I'd ask you to be a bit more specific, ideally provide some reproducible example of what you're trying to monitor with Uptime so I can try to give you a more detailed answer.

I apologize @Marchelune , it actually is not possible to use the keystore with the public service. While it does use heartbeat behind the scenes, the means by which it works is different. You can however use the new 'parameters' feature for this purpose for browser monitors.

For lightweight monitors, we do encrypt all fields saved in kibana, including HTTP username / password, headers, etc.

Thanks fo the answer!
I guess one could define very limited test accounts and push credentials as part of the synthetic tests parameters.

This topic was automatically closed 24 days after the last reply. New replies are no longer allowed.