diff --git a/pkg/collect/secret.go b/pkg/collect/secret.go
index 99a401e4..923dd342 100644
--- a/pkg/collect/secret.go
+++ b/pkg/collect/secret.go
@@ -3,6 +3,7 @@ package collect
 import (
 	"encoding/json"
 	"fmt"
+	"path/filepath"
 
 	troubleshootv1beta1 "github.com/replicatedhq/troubleshoot/pkg/apis/troubleshoot/v1beta1"
 	metav1 "k8s.io/apimachinery/pkg/apis/meta/v1"
@@ -34,16 +35,16 @@ func Secret(ctx *Context, secretCollector *troubleshootv1beta1.Secret) ([]byte,
 		Errors:      make(map[string][]byte),
 	}
 
-	secret, encoded, err := secret(client, secretCollector)
+	path, encoded, err := secret(client, secretCollector)
 	if err != nil {
 		errorBytes, err := marshalNonNil([]string{err.Error()})
 		if err != nil {
 			return nil, err
 		}
-		secretOutput.Errors[fmt.Sprintf("%s.json", secret.Name)] = errorBytes
+		secretOutput.Errors[path] = errorBytes
 	}
 	if encoded != nil {
-		secretOutput.FoundSecret[fmt.Sprintf("%s.json", secret.Name)] = encoded
+		secretOutput.FoundSecret[path] = encoded
 		if ctx.Redact {
 			secretOutput, err = secretOutput.Redact()
 			if err != nil {
@@ -60,7 +61,10 @@ func Secret(ctx *Context, secretCollector *troubleshootv1beta1.Secret) ([]byte,
 	return b, nil
 }
 
-func secret(client *kubernetes.Clientset, secretCollector *troubleshootv1beta1.Secret) (*FoundSecret, []byte, error) {
+func secret(client *kubernetes.Clientset, secretCollector *troubleshootv1beta1.Secret) (string, []byte, error) {
+	ns := secretCollector.Namespace
+	path := fmt.Sprintf("%s.json", filepath.Join(ns, secretCollector.SecretName))
+
 	found, err := client.CoreV1().Secrets(secretCollector.Namespace).Get(secretCollector.SecretName, metav1.GetOptions{})
 	if err != nil {
 		missingSecret := FoundSecret{
@@ -71,16 +75,23 @@ func secret(client *kubernetes.Clientset, secretCollector *troubleshootv1beta1.S
 
 		b, marshalErr := json.MarshalIndent(missingSecret, "", "  ")
 		if marshalErr != nil {
-			return nil, nil, marshalErr
+			return path, nil, marshalErr
 		}
 
-		return &missingSecret, b, err
+		return path, b, err
 	}
 
+	ns = found.Namespace
+	path = fmt.Sprintf("%s.json", filepath.Join(ns, secretCollector.SecretName, secretCollector.Key))
+
 	keyExists := false
+	keyData := ""
 	if secretCollector.Key != "" {
-		if _, ok := found.Data[secretCollector.Key]; ok {
+		if val, ok := found.Data[secretCollector.Key]; ok {
 			keyExists = true
+			if secretCollector.IncludeValue {
+				keyData = string(val)
+			}
 		}
 	}
 
@@ -89,14 +100,15 @@ func secret(client *kubernetes.Clientset, secretCollector *troubleshootv1beta1.S
 		Name:         found.Name,
 		SecretExists: true,
 		KeyExists:    keyExists,
+		Value:        keyData,
 	}
 
 	b, err := json.MarshalIndent(secret, "", "  ")
 	if err != nil {
-		return nil, nil, err
+		return path, nil, err
 	}
 
-	return &secret, b, nil
+	return path, b, nil
 }
 
 func (s *SecretOutput) Redact() (*SecretOutput, error) {