Solved: How to Reset the Admin password? - Page 3

Lionel · ‎03-23-2010

I just realized that I lost the Admin password and I need a way to access the system, with my Admin credentials.

cbreshears_splu · ‎05-01-2018

How to do this in 7.1 + :

Stop Splunk Enterprise
Find the passw file for your instance ($SPLUNK_HOME/etc/passwd) and rename it to passwd.bk
Create a file named user-seed.conf in your $SPLUNK_HOME/etc/system/local/ directory.
In the file add the following text:

[user_info]
PASSWORD = NEW_PASSWORD

In the place of "NEW_PASSWORD" insert the password you would like to use.
Start Splunk Enterprise and use the new password to log into your instance from Splunk Web.
If you previously created other users and know their login details, copy and paste their credentials from the passwbk file into the passwd file and restart Splunk.

Versions prior to 7.1 :

Stop Splunk Enterprise
Find the passw file for your instance ($SPLUNK_HOME/etc/passw) and rename it to passw.bk
Start Splunk Enterprise and login to your instance from Splunk Web using the default credentials of admin/changeme.
You will be asked to enter a new password for your admin account.
If you previously created other users and know their login details, copy and paste their credentials from the passw.bk file into the passwd file and restart Splunk.

View solution in original post

How to Reset the Admin password?

login

How to do this in 7.1 + :

Versions prior to 7.1 :

Introducing the Splunk Community Dashboard Challenge!

Built-in Service Level Objectives Management to Bridge the Gap Between Service & ...

Get Your Exclusive Splunk Certified Cybersecurity Defense Engineer Certification at ...