Is there a way to find out whether my Splunk Instances are running using a Domain Account or a Local Account. I can find out for windows navigating to services but how can I figure it out for Linux Instances?
Hi! I'm not 100% this will work. Try it like this:
ps -C splunkd -o user:50
If it is a local account then you should get something like "root".
If it is a domain account then you should get something like "user@domain".
So if the output contains a @ symbol then Splunk is run by a domain account.