Splunk server login

New Member

I just installed the current version of Splunk on my Fedora Core 14 laptop. There is an option at login for Splunk Server. I have no idea what the password is (neither changeme, nor my user or root passwords work). Can anyone help? Thanks in advance.

Tags (3)
0 Karma


Are you referring to logging into Splunk itself or an account on the OS created for Splunk to run under?

If the former, then you can reset the Splunk password by following the steps below (needs filesystem access):

  • Move the $SPLUNK_HOME/etc/passwd file to passwd.bak
  • Restart splunk. After the restaringt you should be able to login using the default login (admin/changeme).
  • If you created other user accounts, copy those entries from the backup file into the new passwd file and restart splunk.

If your looking for the latter (to login using the Splunk account on the OS) then you'll find you will not be able to login into the account that the Splunk installer created since it does not have a valid password defined since the account is only designed to be used by the local Splunk processes. The password for the splunk account in /etc/shadow is usually set to an exclamation mark which prevents anyone from logging in with this password.

New Member

thanks luke.

0 Karma