Deployment Architecture
Highlighted

Can you help me with Splunk password encryption for server.conf?

Contributor

Hi,

I have a server.conf file under system/local directory which has following stanza
[general]
pass4SymmKey = $1$xxxxxxxxxx

I expect that this password is the encrypted form of pass4SymmKey in server.conf at system/default.

But even though I changed pass4SymmKey in server.conf at system/default , the pass4SymmKey in server.conf at system/local directory is not getting updated.

Then I removed the pass4SymmKey in server.conf at system/local directory. After restart , the same password is getting generated.

Do you know from which source pass4SymmKey in server.conf at system/local might get generated other than pass4SymmKey in server.conf at system/default ?

0 Karma