I've been asked to automatically rotate the local passwords on Splunk every week. It can be predictable. Like HelloP@ssword1June1st goes to HelloP@ssword1June8th. But just needs to rotate to meet the auditors requirement.
Any idea how I would tackle that?
I think that you should create a shell that saves the rotate number and changes the password with the Splunk command.
splunk edit user admin -password newPassowrd -auth admin:changeme
However, embedding the password in the shell is problematic in terms of security, so you have to consider how to keep it.
I can tell you a workaround I may be wrong but you can try this:
1) change the password using CLI
2) write a bash script and schedule a crontab to run every week
I hope that helps you!