Security
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

How to change credentials stored in passwords.conf?

savithamr
Path Finder
‎06-09-2016 05:25 AM

Hi,

Firstly, I created a setup.xml following the link: http://docs.splunk.com/Documentation/Splunk/6.4.1/AdvancedDev/SetupExampleCredentials

I am able to save credentials through setup.xml to apps local/passwords.conf file.. 

[credential:10.11.0.221:admin:]
password = $1$EncryptionPwd

Now, the issue is how to change the admin password if the entered password is wrong or it expires after a certain number of days. Customer is not happy with the solution of deleting that particular entry from passwords.conf file and adding again.

I got to know there is method setEntity to change password like getEntity (retrieves credentials).. but not getting how exactly to use that through setup.xml.
Pls help..

Reply

AMAN0113
Explorer
‎02-01-2024 01:27 AM

Is there a way to do this already? Stuck at the exact same point.

0 Karma
Reply

nit123
Path Finder
‎06-24-2017 08:34 AM

Hi Savitha & Alex,

I went through your comments .

It is recommended to store passwords in your splunk app as encrypted. Splunk provides a REST endpoint for securely storing credentials. More information is here: http://blogs.splunk.com/2011/03/15/storing-encrypted-credentials/

a. Follow the steps and secure your app in the Splunk way. It could also get decrypted password from Splunk using getEntities and appropriate calls.
b. Once you save the credentials from the setup page of your app, you will find an encrypted password in passwords.conf file .
c. Please refer to this link for code samples http://www.georgestarcher.com/splunk-stored-encrypted-credentials/

If my answer solve your question, spare a moment to accept the answer and vote for it . Thanks.

0 Karma
Reply

alexbourla
New Member
‎04-13-2017 07:07 AM

In some work I'm doing at the moment I've hit exactly the same stumbling block - would like to use the app-setup to set credentials as explained in the docs but want to be able to ensure I can update them within the UI. Seems quite a big limitation! Did you find any alternative?

0 Karma
Reply
Career Survey
First 500 qualified respondents will receive a $20 gift card! Tell us about your professional Splunk journey.
Take the Survey
Get Updates on the Splunk Community!

Tech Talk Recap | Mastering Threat Hunting

Mastering Threat HuntingDive into the world of threat hunting, exploring the key differences between ...

Splunk AI Assistant for SPL vs. ChatGPT: Which One is Better?

In the age of AI, every tool promises to make our lives easier. From summarizing content to writing code, ...

Data Persistence in the OpenTelemetry Collector

This blog post is part of an ongoing series on OpenTelemetry. What happens if the OpenTelemetry collector ...