
Documentation Poorly Written

Open dcsteve24 opened this issue 4 years ago • 1 comments

Happy to see Duo moving forward with this, but in its current state, documentation is barely there. The installation section details what is needed for the app install, which is great. What it doesn't mention is:

  • You need the Admin API enabled with the permissions specified under the Splunk connector: Grant Read Information, Grant Read Log, Grant Read Resource. This is briefly mentioned in the Duo page linking to here, but even then it doesn't say which perms are required.

  • The destination/transport is where you are passing the data to, i.e. in my case ELK (particularly Logstash). So you need to make sure you have those ports/paths open on the destination and the destination is listening. This was not clear at all in the installation stuff. I even originally thought it was making a JSON file based on readings, but figured out it was formatting and passing JSON formats to the transport as I tinkered more. Had to Google Python errors to get there.

  • Errors in the log it makes aren't complete. I still don't have this working and am at "failed to write data to transport with". With no documentation support, it makes it hard to get this going.

Hoping we receive better installation instructions/guide as this goes forward.

dcsteve24 avatar Jul 10 '20 15:07 dcsteve24

Thank you for writing this... it was the info that I needed to get it working. You could submit a PR to put this into the readme, perhaps? ;-)

keith4 avatar Jul 24 '20 15:07 keith4
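
A preflight check for the destination problem described in the issue, as an added example that is not part of the thread and not duo_log_sync code: it tries to hand one JSON line to the destination and tells apart "nothing is listening" from "the port is filtered". It assumes a plain TCP destination; `probe_destination`, `start_stand_in_listener` and the test event are hypothetical names and constructed data, and the local listener only stands in for a real receiver such as a Logstash TCP input.

```python
import json
import socket
import threading

TEST_EVENT = {"preflight": "constructed test event"}  # constructed sample


def probe_destination(host, port, timeout=3.0):
    """Try to hand one JSON line to a TCP destination and classify the result."""
    line = (json.dumps(TEST_EVENT) + "\n").encode("utf-8")
    try:
        with socket.create_connection((host, port), timeout=timeout) as conn:
            conn.sendall(line)
        return "ok"
    except ConnectionRefusedError:
        return "refused"  # host answered, but nothing is listening on the port
    except socket.timeout:
        return "timeout"  # no answer at all, typically a filtered port
    except socket.gaierror:
        return "dns"  # destination host name does not resolve
    except OSError as exc:
        return f"error: {exc}"


def start_stand_in_listener():
    """Local stand-in for the real destination; accepts one connection."""
    server = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    server.bind(("127.0.0.1", 0))  # port 0: let the OS pick a free port
    server.listen(1)
    port = server.getsockname()[1]
    received = []

    def serve_once():
        conn, _ = server.accept()
        with conn, conn.makefile("rb") as stream:
            received.append(json.loads(stream.readline()))
        server.close()  # from here on the port is closed again

    worker = threading.Thread(target=serve_once, daemon=True)
    worker.start()
    return port, received, worker


if __name__ == "__main__":
    port, received, worker = start_stand_in_listener()
    print("listener up:  ", probe_destination("127.0.0.1", port))
    worker.join(timeout=5)
    print("event seen:   ", received)
    print("listener down:", probe_destination("127.0.0.1", port))
```

Run from the host that will forward the logs, `probe_destination` with the real destination host and port shows whether the receiving side is reachable before the sync tool is started.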