Deployment Architecture
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

MFA using RSA

ssj3abid
Engager
‎06-18-2021 08:53 AM

Hi,

I am trying to set up RSA authentication on our search head cluster, 

I was doing this via the Web Gui but i seem to have locked myself out, 

Any idea where the configuration file is on the backend so that i can remove the settings so that i am able to log back in? 

It is not under system/local where i thought it would be - i think it is in a authentication.conf file somewhere, 

Any help would greatly be appreciated,

Abid

Labels (2)
0 Karma
Reply
1 Solution
Solved! Jump to solution
Solution

ssj3abid
Engager
‎06-18-2021 09:09 AM

nevermind i found it 

it is under /opt/splunk/etc/apps/search/local/authentication.conf 

 

you can use the command grep -tl "externalTwoFactor" /opt/splunk/etc

This will help locate the location of this particular file

View solution in original post

0 Karma
Reply
Solved! Jump to solution
Solution

ssj3abid
Engager
‎06-18-2021 09:09 AM

nevermind i found it 

it is under /opt/splunk/etc/apps/search/local/authentication.conf 

 

you can use the command grep -tl "externalTwoFactor" /opt/splunk/etc

This will help locate the location of this particular file

0 Karma
Reply
Get Updates on the Splunk Community!

How to Get Started with Splunk Data Management Pipeline Builders (Edge Processor & ...

If you want to gain full control over your growing data volumes, check out Splunk’s Data Management pipeline ...

Out of the Box to Up And Running - Streamlined Observability for Your Cloud ...

  Tech Talk Streamlined Observability for Your Cloud Environment Register    Out of the Box to Up And Running ...

Splunk Smartness with Brandon Sternfield | Episode 3

Hello and welcome to another episode of "Splunk Smartness," the interview series where we explore the power of ...