Security

PassAuth not working in Splunk 6.2

Path Finder

I am writing a script were I need to pass authentication to access storage password. I update the commands.conf and added the passAuth = True as well as updated the inputs.conf with passAuth = admin, but I can't seem to get the sessionKey.

This code does work, sessionKey = splunk.auth.getSessionKey('admin','changeme') but when I do sessionKey= sys.stdin.readline().strip() it doesn't work. Am I missing something?

Here is my code:

import splunk.entity as entity
import splunk.auth, splunk.search
import sys, os


def getCredentials(sessionKey):
    myapp = 'test'
    try:
        # list all credentials
        entities = entity.getEntities(
            ['admin', 'passwords'], namespace=myapp,
            owner='nobody', sessionKey=sessionKey)
    except Exception, e:
        raise Exception(
            "Could not get %s credentials from splunk."
            "Error: %s" % (myapp, str(e)))
    credentials = []
    # return credentials
    for i, c in entities.items():
        credentials.append((c['username'], c['clear_password']))
    return credentials
    raise Exception("No credentials have been found")
sessionKey = sys.stdin.readline().strip()
print sessionKey
credentials = getCredentials(sessionKey)
for username, password in credentials:
    print username
    print password

Thanks for your help,

Stephen Robinson

0 Karma
1 Solution

Path Finder

After taking a break and thinking about it, I was able to get this to work.

from splunk import Intersplunk as si
import splunk.entity as entity
import splunk.auth, splunk.search
import sys, os


def getCredentials(sessionKey):
    myapp = 'your_app_name'
    try:
        # list all credentials
        entities = entity.getEntities(
            ['admin', 'passwords'], namespace=myapp,
            owner='nobody', sessionKey=sessionKey)
    except Exception, e:
        raise Exception(
            "Could not get %s credentials from splunk."
            "Error: %s" % (myapp, str(e)))
    credentials = []
    # return credentials
    for i, c in entities.items():
        if c['username'] == 'filter_username_ you_want_to_get':
            credentials.append((c['username'], c['clear_password']))
    return credentials
    raise Exception("No credentials have been found")


settings = dict()
si.readResults(settings = settings, has_header = True)
sessionKey = settings['sessionKey']
print "username"

credentials = getCredentials(sessionKey)
for username, password in credentials:
        print password

View solution in original post

Path Finder

After taking a break and thinking about it, I was able to get this to work.

from splunk import Intersplunk as si
import splunk.entity as entity
import splunk.auth, splunk.search
import sys, os


def getCredentials(sessionKey):
    myapp = 'your_app_name'
    try:
        # list all credentials
        entities = entity.getEntities(
            ['admin', 'passwords'], namespace=myapp,
            owner='nobody', sessionKey=sessionKey)
    except Exception, e:
        raise Exception(
            "Could not get %s credentials from splunk."
            "Error: %s" % (myapp, str(e)))
    credentials = []
    # return credentials
    for i, c in entities.items():
        if c['username'] == 'filter_username_ you_want_to_get':
            credentials.append((c['username'], c['clear_password']))
    return credentials
    raise Exception("No credentials have been found")


settings = dict()
si.readResults(settings = settings, has_header = True)
sessionKey = settings['sessionKey']
print "username"

credentials = getCredentials(sessionKey)
for username, password in credentials:
        print password

View solution in original post

State of Splunk Careers

Access the Splunk Careers Report to see real data that shows how Splunk mastery increases your value and job satisfaction.

Find out what your skills are worth!