I want to enable Splunk maintenance mode on cluster master. I have confusion on user and password used..Is it necessary to have admin username and password or Host username and password will work with Sudo Splunk user ?
for running Splunk commands other than "splunk version" it is usually necessary to authenticate with an Splunk internal account. It is not sufficient to just use the splunk OS user to run the command.
In case of "splunk enable maintenance-mode" you are required to authenticate with an admin account.
View solution in original post