Security

Local Splunk Authentication

fman82
Explorer

What is the full mechanism of the local Splunk authentication? What hashing algorithm does it use? Does it use a salt? Where does it keep this information? etc.

Tags (1)

Ayn
Legend

Splunk uses the standard UNIX password file format also found in /etc/passwd and /etc/shadow on most UNIX systems, using crypt() with MD5 as hashing algorithm for storing hashes of salted passwords. You can have a look at the password file yourself (if you have the appropriate access of course), it is stored in $SPLUNK_HOME/etc/passwd.

Get Updates on the Splunk Community!

From Alert to Resolution: How Splunk Observability Helps SREs Navigate Critical ...

It's 3:17 AM, and your phone buzzes with an urgent alert. Wire transfer processing times have spiked, and ...

ATTENTION!! We’re MOVING (not really)

Hey, all! In an effort to keep this Slack workspace secure and also to make our new members' experience easy, ...

Splunk Admins: Build a Smarter Stack with These Must-See .conf25 Sessions

  Whether you're running a complex Splunk deployment or just getting your bearings as a new admin, .conf25 ...