Can you help me with Splunk password encryption fo... - Splunk Community

Deployment Architecture

Hi,

I have a server.conf file under system/local directory which has following stanza
[general]
pass4SymmKey = $1$xxxxxxxxxx

I expect that this password is the encrypted form of pass4SymmKey in server.conf at system/default.

But even though I changed pass4SymmKey in server.conf at system/default , the pass4SymmKey in server.conf at system/local directory is not getting updated.

Then I removed the pass4SymmKey in server.conf at system/local directory. After restart , the same password is getting generated.

Do you know from which source pass4SymmKey in server.conf at system/local might get generated other than pass4SymmKey in server.conf at system/default ?

Get Updates on the Splunk Community!

Extending Observability Content to Splunk Cloud

Watch Now! In this Extending Observability Content to Splunk Cloud Tech Talk, you'll see how to leverage ...

More Control Over Your Monitoring Costs with Archived Metrics!

What if there was a way you could keep all the metrics data you need while saving on storage costs?This is now ...

New in Observability Cloud - Explicit Bucket Histograms

Splunk introduces native support for histograms as a metric data type within Observability Cloud with Explicit ...