Getting Data In

remote.s3.access_key and remote.s3.secret_key are overwritten after apply cluster-bundle

ltang78
Engager

On cluster master one of $SPLUNK_HOME/etc/master-apps/<app-name>/local/indexes.conf, I set remote.s3.access_key and remote.s3.secret_key with the same access_key and secret_key used with s3cmd. However after apply cluster-bundle, the indexes.conf is updated and both key values are replaced. The new set of keys not only replace the ones under [default] stanza, but also on each index stanza. 

Where the new keys come from? Is it expected that keys be overwritten?

Labels (2)
Tags (1)
0 Karma

ltang78
Engager

Yes. Starts with $7. Thanks for the reply

0 Karma

PaulPanther
Builder

Do the "new" keys start with $7$? If yes, they are encrypted.

Get Updates on the Splunk Community!

Monitoring Postgres with OpenTelemetry

Behind every business-critical application, you’ll find databases. These behind-the-scenes stores power ...

Mastering Synthetic Browser Testing: Pro Tips to Keep Your Web App Running Smoothly

To start, if you're new to synthetic monitoring, I recommend exploring this synthetic monitoring overview. In ...

Splunk Edge Processor | Popular Use Cases to Get Started with Edge Processor

Splunk Edge Processor offers more efficient, flexible data transformation – helping you reduce noise, control ...