Security
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

CLI "login failed" error on DS

cnuguri_ncc
Path Finder
‎07-26-2021 01:13 AM

Hello all,

Configured custom ssl certificates on Deployment Server (both splunkd and splunk web), and deployment clients are connecting to DS fine on this setup.

But, command line login started failing after this while running any commands on DS, Need help in resolving this please ? (we have requireClientCert=false).

Thanks in Advance
Chetu

Labels (2)
Labels
0 Karma
Reply
1 Solution
Solved! Jump to solution
Solution

codebuilder
Influencer
‎07-27-2021 06:50 AM

Did you cycle Splunk after enabling web SSL? How are you running Splunk? As root, or another user?

----
An upvote would be appreciated and Accept Solution if it helps!

View solution in original post

0 Karma
Reply
Solved! Jump to solution
Solution

codebuilder
Influencer
‎07-27-2021 06:50 AM

Did you cycle Splunk after enabling web SSL? How are you running Splunk? As root, or another user?

----
An upvote would be appreciated and Accept Solution if it helps!
0 Karma
Reply
Solved! Jump to solution

cnuguri_ncc
Path Finder
‎08-06-2021 02:41 AM

Thanks @codebuilder 


Not exactly sure how, but it started working. I can only think the restart (although a few times) must have fixed this.

 

0 Karma
Reply
Solved! Jump to solution

cnuguri_ncc
Path Finder
‎07-27-2021 08:51 AM

Yes, restarted a few times.
Splunk is running as "Local System" on Windows.

0 Karma
Reply
Solved! Jump to solution

codebuilder
Influencer
‎07-27-2021 10:32 AM

What is the full command you are running? Also, have you looked at the the _audit index for any messages related to why the auth is not successful?

----
An upvote would be appreciated and Accept Solution if it helps!
0 Karma
Reply
Solved! Jump to solution

codebuilder
Influencer
‎07-26-2021 02:28 PM

It's asking for the Splunk admin account password that you would have created when installing Splunk. You can reset it via the web UI if you have access, or you can reset it with the user-seed.conf method.

https://community.splunk.com/t5/Security/How-to-Reset-the-Admin-password/m-p/10622

----
An upvote would be appreciated and Accept Solution if it helps!
0 Karma
Reply
Solved! Jump to solution

cnuguri_ncc
Path Finder
‎07-27-2021 01:17 AM

@codebuilder Sorry for not being clear enough,  It fails when I enter the admin login details. The same username and password works with Splunk web though ( this is the admin account created at installation ).

And this started after I have setup SSL for splunkd port so wondering if that is affecting the CLI authentication ? Is there a way to setup cert authentication for CLI ?

Thanks
Chetu

0 Karma
Reply
Get Updates on the Splunk Community!

Building Reliable Asset and Identity Frameworks in Splunk ES

 Accurate asset and identity resolution is the backbone of security operations. Without it, alerts are ...

Cloud Monitoring Console - Unlocking Greater Visibility in SVC Usage Reporting

For Splunk Cloud customers, understanding and optimizing Splunk Virtual Compute (SVC) usage and resource ...

Automatic Discovery Part 3: Practical Use Cases

If you’ve enabled Automatic Discovery in your install of the Splunk Distribution of the OpenTelemetry ...