Getting Data In
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

Admin user accout delete on splunk Enterprise 7.0.1

euimok
Explorer
‎10-07-2019 07:49 PM

Hi Splunker
I have a question about splunk Enterprise 7.0.1
For security reason, my customer want to disable or delete admin account(default) ?
Are there people who experienced similar my case?

Thank you

0 Karma
Reply

gfreitas
Builder
‎10-08-2019 03:47 AM

I have deleted the default admin account many times. First I needed to create a new admin account and then just login with the new admin and remove the old one. As ivanreis said please make sure to re-assign all the knowledge objects of admin to the new user otherwise they will become orphan and you won't be able to use them.

0 Karma
Reply

ivanreis
Builder
‎10-07-2019 08:18 PM

I never experienced this customer request before. You have the option to clone the admin account to a new account. Also is important to highlight that all knowledge objects already created under admin account have to reassigned to this new user.

There is an old topic at splunk answer about the same topic, although it is related with the older Splunk versions, can be applied to your case as well.
https://answers.splunk.com/answers/65221/replacing-splunk-admin-account-with-a-non-standard-admin-ac...

0 Karma
Reply

euimok
Explorer
‎10-07-2019 10:09 PM

Hi ivanreis
Thank you for your answer . I did clone admin account(default) as spadmin but I can't delete admin account(default) user. 🙂
If you have any others good please let me know

0 Karma
Reply

ivanreis
Builder
‎10-07-2019 11:07 PM

In this case, my suggestion is to run a new Splunk enterprise installation and when splunk will start for the 1st time, you have to type the new admin user requested by customer, check this doc
https://docs.splunk.com/Documentation/Splunk/7.3.2/Installation/StartSplunkforthefirsttime.

0 Karma
Reply
Get Updates on the Splunk Community!

New Case Study Shows the Value of Partnering with Splunk Academic Alliance

The University of Nevada, Las Vegas (UNLV) is another premier research institution helping to shape the next ...

How to Monitor Google Kubernetes Engine (GKE)

We’ve looked at how to integrate Kubernetes environments with Splunk Observability Cloud, but what about ...

Index This | How can you make 45 using only 4?

October 2024 Edition Hayyy Splunk Education Enthusiasts and the Eternally Curious!  We’re back with this ...