Cribl admin/break glass account- securing credentials with HCP vault

We have a PCI finding for Cribl admin account credentials managed within Cribl stream vs using secrets manager.

PCI DSS does not allow shared administrative accounts and requires user attribution for each use of local/break glass account back to the individual who performed the action.

Can Cribl be integrated with Hashi Corp Vault where the local account credentials can be managed and retrieved as needed ? Thanks

The current Hashi Corp Vault integration only covers the storing and retrieving of Data Encryption keys. All authentication credentials for users and sources/destinations are stored within the Cribl Secret Store, unless using an external IDP for managing users and access to Stream.

Extending our integration for all credentials is something we are looking into at the moment.

3 UpGoats