A security conscious company has a policy of removing "default" admin accounts from its software products and replacing then with a non standard admin accounts. Is the possible in Splunk?
It is possible clone the admin user to a new "admin"account (eg splunkadm)with identical privileges. Once the new account is created you may delete the original admin account.
CAVEAT
If the "default" admin has created knowledge objects you will need to move these knowledge objects associated with the "default" admin to the "new" admin account.
It is advisable to test this in a Pre Production Test Enviroment to ensure that no fuctionality is lost
For futher suggestions on "hardening" the Splunk enviroment please see
http://docs.splunk.com/Documentation/Splunk/5.0/Security/Hardeningstandards
It is possible clone the admin user to a new "admin"account (eg splunkadm)with identical privileges. Once the new account is created you may delete the original admin account.
CAVEAT
If the "default" admin has created knowledge objects you will need to move these knowledge objects associated with the "default" admin to the "new" admin account.
It is advisable to test this in a Pre Production Test Enviroment to ensure that no fuctionality is lost
For futher suggestions on "hardening" the Splunk enviroment please see
http://docs.splunk.com/Documentation/Splunk/5.0/Security/Hardeningstandards