Security
cancel
Turn on suggestions
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

Replacing Splunk admin account with a non standard admin account

dshakespeare_sp
Splunk Employee
Splunk Employee
‎11-09-2012 08:23 AM

A security conscious company has a policy of removing "default" admin accounts from its software products and replacing then with a non standard admin accounts. Is the possible in Splunk?

0 Karma
Reply
1 Solution
Solved! Jump to solution
Solution

dshakespeare_sp
Splunk Employee
Splunk Employee
‎11-09-2012 08:33 AM

It is possible clone the admin user to a new "admin"account (eg splunkadm)with identical privileges. Once the new account is created you may delete the original admin account.

CAVEAT
If the "default" admin has created knowledge objects you will need to move these knowledge objects associated with the "default" admin to the "new" admin account.

It is advisable to test this in a Pre Production Test Enviroment to ensure that no fuctionality is lost

For futher suggestions on "hardening" the Splunk enviroment please see

http://docs.splunk.com/Documentation/Splunk/5.0/Security/Hardeningstandards

View solution in original post

Reply
Solved! Jump to solution
Solution

dshakespeare_sp
Splunk Employee
Splunk Employee
‎11-09-2012 08:33 AM

It is possible clone the admin user to a new "admin"account (eg splunkadm)with identical privileges. Once the new account is created you may delete the original admin account.

CAVEAT
If the "default" admin has created knowledge objects you will need to move these knowledge objects associated with the "default" admin to the "new" admin account.

It is advisable to test this in a Pre Production Test Enviroment to ensure that no fuctionality is lost

For futher suggestions on "hardening" the Splunk enviroment please see

http://docs.splunk.com/Documentation/Splunk/5.0/Security/Hardeningstandards

Reply
Get Updates on the Splunk Community!

Splunk AI Assistant for SPL 1.1.0 | Now Personalized to Your Environment for Greater ...

Splunk AI Assistant for SPL has transformed how users interact with Splunk, making it easier than ever to ...

Unleash Unified Security and Observability with Splunk Cloud Platform

     Now Available on Microsoft AzureOn Demand Now Step boldly into the AI revolution with enhanced security ...

Enterprise Security Content Update (ESCU) | New Releases

In March, the Splunk Threat Research Team had 2 releases of security content via the Enterprise Security ...
Top