Getting Data In
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

Is it possible to use the oneshot command in a bash script without login prompt?

dajibade
New Member
‎12-09-2019 05:34 AM 
bash-4.1# cat test_script
#!/bin/bash
sudo -H  -u splunk bash -c '/opt/splunk/bin/splunk add oneshot /opt/splunk/etc/system/local/log_dir/log_file* -index test -sourcetype test_log -auth admin:pass'

This shell script is set to a cronjob. It works perfectly for the first couple of cron schedules, then stops working. When I try to run it manually, I get a “login failed” error. I believe this is due to security features on the server don’t like the plane text password.
Is it possible to disable login & password authentication for the oneshot command so the shell script can execute? Otherwise, what other options do I have. Thanks for your help in advance.

OS – REDHAT 6
SPLUNK VERSION – 7.0.1

0 Karma
Reply

adonio
SplunkTrust
SplunkTrust
‎12-10-2019 12:46 PM

why oneshot every time? cant you monitor the file path / directories with inputs.conf?
also, looks like you are trying to check changes in your .../etc/system/local/... files to monitor changes.
there are easier ways to do so, for example: use | rest ... commands to bring the relevant results, put them in a summary index and check changes, copy the structure of folders to another place, for example: /tmp and run diff command and send output to splunk via scripted input, etc ...

hope it helps

0 Karma
Reply
.conf21 CFS Extended through 5/20!

Don't miss your chance
to share your Splunk
wisdom in-person or
virtually at .conf21!

Call for Speakers has
been extended through
Thursday, 5/20!

Get Updates on the Splunk Community!