QUESTION

Is there a way to retrieve the Bearer token used for authenticating via an HTTP Log Source in Panther?

ANSWER

For security reasons, bearer tokens used for HTTP Log Source authentication cannot be retrieved after their initial creation. You'll need to rotate the token if you no longer have it.

To rotate the token, you can generate a new one by updating the log source configuration through the Panther Console or the REST API. For step-by-step instructions, you can refer to the Bearer Authentication documentation.