Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Security
×
Join the Conversation
Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
- Find Answers
- :
- Splunk Administration
- :
- Admin Other
- :
- Security
- :
- Save more than one password using setup.xml OR "st...
Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark Topic
- Subscribe to Topic
- Mute Topic
- Printer Friendly Page
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Save more than one password using setup.xml OR "storage/passwords"
pbankar
Path Finder
04-16-2018
09:11 PM
I faced a challenge and tried many things to work around for saving 2 passwords in the password.conf at the same time using the setup.xml.
- Is the Credential
- Is the Client Certificate Passphrase
Setup.xml code:
<setup>
<block title="Credentials" endpoint="storage/passwords" entity="_new">
<text> Leave username/password blank, if you have already set it up.</text>
<input field="realm">
<label>Role</label>
<type>text</type>
</input>
<input field="name">
<label>Username</label>
<type>text</type>
</input>
<input field="password">
<label>Password</label>
<type>password</type>
</input>
</block>
<block title="Client Certificate" endpoint="myapp/myapp_configure" entity="setupentity">
<input field="use_ca">
<label>Use a Client certificate for authentication</label>
<type>bool</type>
</input>
<input field="ca_path">
<label>Path to client CA certificate </label>
<type>text</type>
</input>
<input field="ca_key">
<label>Path to client CA certificate key </label>
<type>text</type>
</input>
</block>
<block title="Client Certificate Passphrase" endpoint="storage/passwords" entity="_new">
<input field="ca_pass">
<label>Passphrase for client CA certificate</label>
<type>password</type>
</input>
</block>
</setup>
The Passphrase is not saved.
P.S. I have created the python handler, default/myapp.conf with all the fields. The restmap.conf also has endpoint="myapp/myapp_configure". The Credentials are saved with Role/realm.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
pbankar
Path Finder
05-13-2018
10:24 PM
I got an answer for this problem using the import splunklib.client as client in the <app>_splunk_setup_handler.py script.
I'm saving the password in my app/local/password.conf and retrieving it using the splunk session and service.storage_passwords.
Created these 2 type of methods:
'''Get clear password'''
def get_password(session_key, username, realm):
args = {'token': session_key, 'app': "my_app"}
service = client.connect(**args)
try:
# Retrieve the password from the storage/passwords endpoint
for storage_password in service.storage_passwords:
if storage_password.username == username and storage_password.realm == realm:
return storage_password.content.clear_password
except Exception, e:
raise Exception, "An error occurred while decrypting credentials. Details: %s" % str(e)
'''Encripting the password'''
def encrypt_password(service, ca_pass, username, realm):
try:
# If the credential already exists, delete it.
for storage_password in service.storage_passwords:
if storage_password.username == username and storage_password.realm == realm:
service.storage_passwords.delete(username, realm)
# Create the credential.
password = service.storage_passwords.create(ca_pass, username, realm)
return password.encrypted_password
except Exception, e:
raise Exception, "An error occurred while encrypting credentials. Details: %s" % str(e)
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
starcher
Influencer
04-17-2018
07:51 PM
I would recommend using the Splunk add on builder. It provides UI etc for handling credentials and whatever inputs or alerts you are making.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
pbankar
Path Finder
04-17-2018
11:22 PM
Thanks, @starcher for your input. I'm looking for a code level solution.
Got questions? Get answers!
Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!
Meet up IRL or virtually!
Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.
Get Updates on the Splunk Community!
[Puzzles] Solve, Learn, Repeat: Character substitutions with Regular Expressions
This challenge was first posted on Slack #puzzles channelFor BORE at .conf23, we had a puzzle question which ...
Splunk Community Badges!
Hey everyone! Ready to earn some serious bragging rights in the community? Along with our existing badges ...
[Puzzles] Solve, Learn, Repeat: Matching cron expressions
This puzzle (first published here) is based on matching timestamps to cron expressions.All the timestamps ...
