Getting started with 1Password for your growing team, or refining your setup? Our Secured Success quickstart guide is for you.
Forum Discussion
Solved
How do I export only Vault and password metadata
We have a use case where we want to export the following fields: vault uid, vault name, password uid, password name Users assigned to vaults We DONOT want to export the password in plaintext t...
So I don't know if anyone will ever need to do this because after looking through various options, we found a way to get a onetime dump of information we needed using a token of a service account that has rights on all the vaults of interest and the following commands
export OP_SERVICE_ACCOUNT_TOKEN=<Service account token> op item list --format json| jq -r '["password_id","password_name","vault_id", "vault_name"], (.[] |[.id, .title, .vault."id", .vault."name"]) | @csv' > items.csvAnd then we uploaded the returned information into a datatable which we can use in rules and queries in Chronicle.
We then deleted the token and service account because it was too permissive
Thank you Dave.
So what we would like to achieve with this usecase is to monitor items we consider to be sensitive passwords to detect anomolous behaviour using logs being exported from 1password to Chronicle.
In the logs, only vault and Item UUIDS are available and we would like to match those to human readable names so our security analysts can know which teams to contact to verify seen suspicious activities against these sensitive items.
The analysts don't have access to all the 1password vaults.
