Monitoring Splunk

ta-postgres Authentication issue

marcoscala
Builder

hi!
I'm trying to monitor a Postgres DB using the ta-postgres TA.

I have an authentication issue: the DBA created a user "splunk" and provided me with the password. I have tried the following configuration options in ta-postgres/local/postgrestats.conf:

Option 1.
[default]
defaultdb =
host = host.domain
port = 5432
user = splunk
password = {md5}splunk83fef3dd6477

Option 2.
[default]
defaultdb =
host = host.domain
port = 5432
user = splunk
password = md5bacb6374010b3f7af42dc7a670da9db4
(md5 coded password from the postgres db)

In both cases I get the following error message on the DB in the "postgresql*.log :
UTC FATAL: password authentication failed for user "splunk"

Thanks for support!!!

Tags (1)
0 Karma
1 Solution

marcoscala
Builder

Actually, digging in the code of the ta, we found that the bin/postgrestats.py uses the connect method from psycopg2:

psycopg2.connect(connect_string(defaultdb, dbhost, dbport, dbuser, dbpassword))

Cheching online it looks like the dbpassword must be passed NOT MD5ed...

so the working final config for me was:

password = splunk83fef3dd6477

with the password in clear!!!

Hope this will help!!!

View solution in original post

0 Karma

marcoscala
Builder

Actually, digging in the code of the ta, we found that the bin/postgrestats.py uses the connect method from psycopg2:

psycopg2.connect(connect_string(defaultdb, dbhost, dbport, dbuser, dbpassword))

Cheching online it looks like the dbpassword must be passed NOT MD5ed...

so the working final config for me was:

password = splunk83fef3dd6477

with the password in clear!!!

Hope this will help!!!

0 Karma

marcoscala
Builder

Here is the source of our findings:

https://wiki.postgresql.org/wiki/Psycopg2_Tutorial

0 Karma
Get Updates on the Splunk Community!

Splunk Admins: Build a Smarter Stack with These Must-See .conf25 Sessions

  Whether you're running a complex Splunk deployment or just getting your bearings as a new admin, .conf25 ...

AppDynamics Summer Webinars

This summer, our mighty AppDynamics team is cooking up some delicious content on YouTube Live to satiate your ...

SOCin’ it to you at Splunk University

Splunk University is expanding its instructor-led learning portfolio with dedicated Security tracks at .conf25 ...