[exporter/splunk_hec] Support Basic-Auth token authentication

[atoulme]

Is your feature request related to a problem? Please describe.

The HEC receiver also supports reading the token through Basic Auth.

You can use any username (even none) with the token as the password, and it'll work! Especially handy in environments where you can't add a custom header, but where basic auth is supported. A curl one-line example:

curl "https://:tokenhere@splunkindexer:8088/services/collector/event" -d '{"event":"it worked!"}'

Describe the solution you'd like

We should support this for the receiver and exporter of HEC in OpenTelemetry as an alternative to the default Authorization header.

Describe alternatives you've considered

N/A

Additional context

No response

[jpkrohling]

Every exporter using the default confighttp and configgrpc can be protected with any one of our authentication extensions. Isn't this exporter using confighttp/configgrpc to start the listener?

https://github.com/open-telemetry/opentelemetry-collector/tree/main/config/configauth

[github-actions]

Pinging code owners: @atoulme @dmitryax. See Adding Labels via Comments if you do not have permissions to add labels yourself.

[atoulme]

Sorry, I'm plainly reporting a feature request. I have no insights to offer. This enhancement is open for anyone to participate.

[neelayu]

I believe Splunk HEC does not support basic authentication.
https://community.splunk.com/t5/Getting-Data-In/HEC-Basic-Authentication/m-p/575525

[traytonwhite]

This is a feature that's not as commonly known as using the custom authentication header, but is documented:

https://docs.splunk.com/Documentation/Splunk/9.0.1/Data/HECExamples#Example_10:_Basic_authentication

The question linked is asking about using a Splunk account to auth with HEC - which is not supported. The person posting the question does mention they can get HEC token auth to work, though:

The username:HEC token works as is hinted in the documentation

[neelayu]

Okay. Thanks for clarifying. @atoulme does the request work when the basic auth in provided in the header and the contents are base64 encoded?
For eg

curl -H 'Authorization: Basic <base64encoded :tokenhere>' "https://splunkindexer:8088/services/collector/event" -d '{"event":"it worked!"}'

[atoulme]

I think these are functionally equivalent yes.

[github-actions]

This issue has been inactive for 60 days. It will be closed in 60 days if there is no activity. To ping code owners by adding a component label, see Adding Labels via Comments, or if you are unsure of which component this issue relates to, please ping @open-telemetry/collector-contrib-triagers. If this issue is still relevant, please ping the code owners or leave a comment explaining why it is still relevant. Otherwise, please close it.

Pinging code owners:

• exporter/splunkhec: @atoulme @dmitryax

See Adding Labels via Comments if you do not have permissions to add labels yourself.

[fatsheep9146]

@neelayu do you have interest in contributing this?