Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Security
×
Are you a member of the Splunk Community?
Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
- Find Answers
- :
- Splunk Administration
- :
- Admin Other
- :
- Security
- :
- Re: Save more than one password using setup.xml OR...
Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark Topic
- Subscribe to Topic
- Mute Topic
- Printer Friendly Page
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Save more than one password using setup.xml OR "storage/passwords"
pbankar
Path Finder
04-16-2018
09:11 PM
I faced a challenge and tried many things to work around for saving 2 passwords in the password.conf at the same time using the setup.xml.
- Is the Credential
- Is the Client Certificate Passphrase
Setup.xml code:
<setup>
<block title="Credentials" endpoint="storage/passwords" entity="_new">
<text> Leave username/password blank, if you have already set it up.</text>
<input field="realm">
<label>Role</label>
<type>text</type>
</input>
<input field="name">
<label>Username</label>
<type>text</type>
</input>
<input field="password">
<label>Password</label>
<type>password</type>
</input>
</block>
<block title="Client Certificate" endpoint="myapp/myapp_configure" entity="setupentity">
<input field="use_ca">
<label>Use a Client certificate for authentication</label>
<type>bool</type>
</input>
<input field="ca_path">
<label>Path to client CA certificate </label>
<type>text</type>
</input>
<input field="ca_key">
<label>Path to client CA certificate key </label>
<type>text</type>
</input>
</block>
<block title="Client Certificate Passphrase" endpoint="storage/passwords" entity="_new">
<input field="ca_pass">
<label>Passphrase for client CA certificate</label>
<type>password</type>
</input>
</block>
</setup>
The Passphrase is not saved.
P.S. I have created the python handler, default/myapp.conf with all the fields. The restmap.conf also has endpoint="myapp/myapp_configure". The Credentials are saved with Role/realm.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
pbankar
Path Finder
05-13-2018
10:24 PM
I got an answer for this problem using the import splunklib.client as client in the <app>_splunk_setup_handler.py script.
I'm saving the password in my app/local/password.conf and retrieving it using the splunk session and service.storage_passwords.
Created these 2 type of methods:
'''Get clear password'''
def get_password(session_key, username, realm):
args = {'token': session_key, 'app': "my_app"}
service = client.connect(**args)
try:
# Retrieve the password from the storage/passwords endpoint
for storage_password in service.storage_passwords:
if storage_password.username == username and storage_password.realm == realm:
return storage_password.content.clear_password
except Exception, e:
raise Exception, "An error occurred while decrypting credentials. Details: %s" % str(e)
'''Encripting the password'''
def encrypt_password(service, ca_pass, username, realm):
try:
# If the credential already exists, delete it.
for storage_password in service.storage_passwords:
if storage_password.username == username and storage_password.realm == realm:
service.storage_passwords.delete(username, realm)
# Create the credential.
password = service.storage_passwords.create(ca_pass, username, realm)
return password.encrypted_password
except Exception, e:
raise Exception, "An error occurred while encrypting credentials. Details: %s" % str(e)
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
starcher
Influencer
04-17-2018
07:51 PM
I would recommend using the Splunk add on builder. It provides UI etc for handling credentials and whatever inputs or alerts you are making.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
pbankar
Path Finder
04-17-2018
11:22 PM
Thanks, @starcher for your input. I'm looking for a code level solution.
Career Survey
First 500 qualified respondents will receive a $20 gift card! Tell us about your professional Splunk journey.
Get Updates on the Splunk Community!
Can’t Make It to Boston? Stream .conf25 and Learn with Haya Husain
Boston may be buzzing this September with Splunk University and .conf25, but you don’t have to pack a bag to ...
Splunk Lantern’s Guide to The Most Popular .conf25 Sessions
Splunk Lantern is a Splunk customer success center that provides advice from Splunk experts on valuable data ...
Unlock What’s Next: The Splunk Cloud Platform at .conf25
In just a few days, Boston will be buzzing as the Splunk team and thousands of community members come together ...
