Deployment Architecture

password file wont symbolic link.

psenger
New Member

I have an odd problem with the local password file. I have a volume that is mounted to my unix server ( lets say it is either a NFS or even a EBS volume ) . I want to store the splunk password file on the mounted volume and link to it via a symbolic link. I need to do this because my server is designed to auto scale ( this could even be fail-over ) and I don't want to lose my passwords ( they are local passwords ).

I have successfully used a symbolic link to store other things related to splunk based on this nice article.

HOWEVER, I noticed every time I create a new user in Splunk, it deletes the symbolic link and replaces the password file with a real file. Any idea how I can get it to respect the symbolic link? I'm aware that this might have been done to prevent hackers from taking over the file, but I'm at a lost on how I cam over come this design.

0 Karma
Get Updates on the Splunk Community!

Now Available: Cisco Talos Threat Intelligence Integrations for Splunk Security Cloud ...

At .conf24, we shared that we were in the process of integrating Cisco Talos threat intelligence into Splunk ...

Preparing your Splunk Environment for OpenSSL3

The Splunk platform will transition to OpenSSL version 3 in a future release. Actions are required to prepare ...

Easily Improve Agent Saturation with the Splunk Add-on for OpenTelemetry Collector

Agent Saturation What and Whys In application performance monitoring, saturation is defined as the total load ...