Splunk Search
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

What is the root user or splunk user's password for the Splunk 6.4 AMI? Not the Splunk Web UI, but the OS password.

jtsplunk
Splunk Employee
Splunk Employee
‎05-27-2016 11:51 AM

What is the root user or splunk user's password for the Splunk 6.4 AMI? Not the Splunk Web UI, but the OS password.

I need to adjust some iptables and firewall settings which require admin access.

This is not Splunk Cloud, but BYOL Splunk AMI.

Tags (2)
0 Karma
Reply
1 Solution
Solved! Jump to solution
Solution

jdunlea
Contributor
‎06-16-2016 06:09 AM

It turns out that once you are logged onto the CLI using the ec2-user that you can change to the "root" or "splunk" user by doing one of the following:

$ sudo su - splunk

OR

$ sudo su - root

View solution in original post

0 Karma
Reply
Solved! Jump to solution
Solution

jdunlea
Contributor
‎06-16-2016 06:09 AM

It turns out that once you are logged onto the CLI using the ec2-user that you can change to the "root" or "splunk" user by doing one of the following:

$ sudo su - splunk

OR

$ sudo su - root

0 Karma
Reply
Solved! Jump to solution

ChrisG
Splunk Employee
Splunk Employee
‎05-27-2016 01:08 PM

username: admin
password: instance id from management console

See About the Splunk Enterprise AMI in the Splunk Enterprise Admin Manual and the Usage instructions on the AWS marketplace page.

0 Karma
Reply
Solved! Jump to solution

Shack
Explorer
‎11-07-2016 02:50 PM

I downvoted this post because these are the Splunk Web credentials; not the credentials for ssh access.

0 Karma
Reply
Solved! Jump to solution

ChrisG
Splunk Employee
Splunk Employee
‎11-08-2016 11:27 AM

I asked one of the engineers about this, he said:

When launching an AMI from the marketplace, the user will pick their own ssh keys for access to the instance, usually using the 'ubuntu' user. I doubt the 'splunk' user has any keys setup for SSH access, but a customer could set them up themselves. There is probably no password, it just uses SSH key for auth.

0 Karma
Reply
Solved! Jump to solution

Shack
Explorer
‎11-07-2016 02:50 PM

I downvoted this post because these are the Splunk Web credentials; not the credentials for ssh access.

0 Karma
Reply
Solved! Jump to solution

jdunlea
Contributor
‎06-15-2016 06:57 PM

That is the password for the UI - I am also looking for the password for the "splunk" user on the OS itself in the Splunk AMI.

0 Karma
Reply
Get Updates on the Splunk Community!

Routing logs with Splunk OTel Collector for Kubernetes

The Splunk Distribution of the OpenTelemetry (OTel) Collector is a product that provides a way to ingest ...

Welcome to the Splunk Community!

(view in My Videos) We're so glad you're here! The Splunk Community is place to connect, learn, give back, and ...

Tech Talk | Elevating Digital Service Excellence: The Synergy of Splunk RUM & APM

Elevating Digital Service Excellence: The Synergy of Real User Monitoring and Application Performance ...