Grafana Service Account Token With Host
Description
General
- Documentation: https://grafana.com/docs/grafana/latest/administration/service-accounts/#service-account-tokens
- Summary: Grafana is an open-source analytics and visualization web application. It provides graphs, charts and alerting when connected to data sources. A service account can be used to run automated workloads in Grafana, like dashboard provisioning, configuration, or report generation. Create service accounts and tokens to authenticate applications like Terraform with the Grafana API. This detector detects both the token itself and the hostname of the Grafana instance.
- IPs allowlist: As of the time of writing this documentation, this feature is not yet supported.
- Scopes: Three roles can be associated to a Grafana token: Viewer, Editor or Admin.
Revoke the secret
Tokens can be revoked either from the grafana dashboard, or with an API call authenticated using a session cookie.
Check for suspicious activity
As of the time of writing this documentation, this feature is not yet supported.
Details for Grafana service account token with host
Family: Api
Category: Monitoring
Company: Grafana
High recall: False
Validity check available: True
On-premise instances exist: False
Only valid secrets raise an alert: False
Minimum number of matches: 2
Occurrences found for one million commits: 0.28
Prefixed: False
PreValidators:
- type: ContentWhitelistPreValidator
patterns:
- \.grafana\.net
- type: ContentWhitelistPreValidator
patterns:
- glsa_
Examples
- text: host=hello-world.grafana.net; grafana_sa_token=glsa_bAHjRcDfeZDKu0OqlR41bIbfCW9icC6b_6c3478fb
apikey: glsa_bAHjRcDfeZDKu0OqlR41bIbfCW9icC6b_6c3478fb
host: hello-world.grafana.net