rules: - name: Looker Base URL id: kingfisher.looker.1 visible: false confidence: low min_entropy: 2.0 pattern: | (?x) \b ( https?:// (?:[a-z0-9-]+\.)+ looker\.com (?::\d{2,5})? ) (?:/api/(?:4\.0|3\.1))? \b examples: - https://example.cloud.looker.com - https://example.cloud.looker.com:19999 - https://example.cloud.looker.com:19999/api/4.0 - name: Looker Client ID id: kingfisher.looker.2 confidence: medium min_entropy: 3.0 pattern: | (?xi) \blooker (?:.|[\n\r]){0,64}? \b ( [a-z0-9]{20} ) \b pattern_requirements: min_digits: 2 examples: - LOOKER_CLIENT_ID=1a2b3c4d5e6f7g8h9i0j - 'looker client_id: "0a1b2c3d4e5f6g7h8i9j"' references: - https://docs.cloud.google.com/looker/docs/api-auth - name: Looker Client Secret id: kingfisher.looker.3 confidence: medium min_entropy: 3.5 pattern: | (?xi) \b looker (?:.|[\n\r]){0,64}? \b ( [a-z0-9]{24} ) \b pattern_requirements: min_digits: 2 examples: - LOOKER_CLIENT_SECRET=1a2b3c4d5e6f7g8h9i0j1k2l - 'looker client_secret: "0a1b2c3d4e5f6g7h8i9j0k1l"' references: - https://docs.cloud.google.com/looker/docs/api-auth - https://docs.cloud.google.com/looker/docs/reference/looker-api/latest/methods/ApiAuth/login depends_on_rule: - rule_id: kingfisher.looker.1 variable: LOOKER_BASE_URL - rule_id: kingfisher.looker.2 variable: LOOKER_CLIENT_ID validation: type: Http content: request: method: POST url: "{{ LOOKER_BASE_URL }}/api/4.0/login" headers: Content-Type: application/x-www-form-urlencoded Accept: application/json body: | client_id={{ LOOKER_CLIENT_ID }}&client_secret={{ TOKEN }} response_matcher: - report_response: true - type: StatusMatch status: [200] - type: JsonValid - type: WordMatch words: ['"access_token"']