- Splunk Answers
- :
- Splunk Administration
- :
- Security
- :
- CLI "login failed" error on DS
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark Topic
- Subscribe to Topic
- Mute Topic
- Printer Friendly Page
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello all,
Configured custom ssl certificates on Deployment Server (both splunkd and splunk web), and deployment clients are connecting to DS fine on this setup.
But, command line login started failing after this while running any commands on DS, Need help in resolving this please ? (we have requireClientCert=false).
Thanks in Advance
Chetu
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Did you cycle Splunk after enabling web SSL? How are you running Splunk? As root, or another user?
An upvote would be appreciated and Accept Solution if it helps!
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Did you cycle Splunk after enabling web SSL? How are you running Splunk? As root, or another user?
An upvote would be appreciated and Accept Solution if it helps!
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Thanks @codebuilder
Not exactly sure how, but it started working. I can only think the restart (although a few times) must have fixed this.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Yes, restarted a few times.
Splunk is running as "Local System" on Windows.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
What is the full command you are running? Also, have you looked at the the _audit index for any messages related to why the auth is not successful?
An upvote would be appreciated and Accept Solution if it helps!
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
It's asking for the Splunk admin account password that you would have created when installing Splunk. You can reset it via the web UI if you have access, or you can reset it with the user-seed.conf method.
https://community.splunk.com/t5/Security/How-to-Reset-the-Admin-password/m-p/10622
An upvote would be appreciated and Accept Solution if it helps!
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
@codebuilder Sorry for not being clear enough, It fails when I enter the admin login details. The same username and password works with Splunk web though ( this is the admin account created at installation ).
And this started after I have setup SSL for splunkd port so wondering if that is affecting the CLI authentication ? Is there a way to setup cert authentication for CLI ?
Thanks
Chetu
Stay Connected: Your Guide to May Tech Talks, Office Hours, and Webinars!
They're back! Join the SplunkTrust and MVP at .conf24
Enterprise Security Content Update (ESCU) | New Releases
