Monitoring Splunk

ta-postgres Authentication issue

marcoscala
Builder

hi!
I'm trying to monitor a Postgres DB using the ta-postgres TA.

I have an authentication issue: the DBA created a user "splunk" and provided me with the password. I have tried the following configuration options in ta-postgres/local/postgrestats.conf:

Option 1.
[default]
defaultdb =
host = host.domain
port = 5432
user = splunk
password = {md5}splunk83fef3dd6477

Option 2.
[default]
defaultdb =
host = host.domain
port = 5432
user = splunk
password = md5bacb6374010b3f7af42dc7a670da9db4
(md5 coded password from the postgres db)

In both cases I get the following error message on the DB in the "postgresql*.log :
UTC FATAL: password authentication failed for user "splunk"

Thanks for support!!!

Tags (1)
0 Karma
1 Solution

marcoscala
Builder

Actually, digging in the code of the ta, we found that the bin/postgrestats.py uses the connect method from psycopg2:

psycopg2.connect(connect_string(defaultdb, dbhost, dbport, dbuser, dbpassword))

Cheching online it looks like the dbpassword must be passed NOT MD5ed...

so the working final config for me was:

password = splunk83fef3dd6477

with the password in clear!!!

Hope this will help!!!

View solution in original post

0 Karma

marcoscala
Builder

Actually, digging in the code of the ta, we found that the bin/postgrestats.py uses the connect method from psycopg2:

psycopg2.connect(connect_string(defaultdb, dbhost, dbport, dbuser, dbpassword))

Cheching online it looks like the dbpassword must be passed NOT MD5ed...

so the working final config for me was:

password = splunk83fef3dd6477

with the password in clear!!!

Hope this will help!!!

0 Karma

marcoscala
Builder

Here is the source of our findings:

https://wiki.postgresql.org/wiki/Psycopg2_Tutorial

0 Karma
Get Updates on the Splunk Community!

Splunk Observability Cloud | Customer Survey!

If you use Splunk Observability Cloud, we invite you to share your valuable insights with us through a brief ...

Happy CX Day, Splunk Community!

Happy CX Day, Splunk Community! CX stands for Customer Experience, and today, October 3rd, is CX Day — a ...

.conf23 | Get Your Cybersecurity Defense Analyst Certification in Vegas

We’re excited to announce a new Splunk certification exam being released at .conf23! If you’re going to Las ...