Security
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

Where is the file for access control stored in Splunk Cloud?

namrithadeepak
Path Finder
‎11-22-2016 02:14 PM

Hi,

Purely for informational purposes, I would like to know where the file for access control is stored in Splunk Cloud.

Is it stored on the forwarder, indexer, or the search head? If I install a new component (Forwarder, indexer or search head), is it my responsibility to copy this file over to the new component?

I also have Splunk installed on my local machine (for personal use), can I view it then?

Thanks in advance!!

0 Karma
Reply
1 Solution
Solved! Jump to solution
Solution

lguinn2
Legend
‎11-22-2016 05:57 PM

I don't know exactly what you mean by "access control." There are several files that Splunk uses to determine who can login, their passwords and their roles. For your local machine, you will find this in $SPLUNK_HOME/etc/passwd and in authorize.conf. You may also have configuration files that allow users to login to Splunk with LDAP credentials, etc.

/etc/passwd must exist on all Splunk instances. Other configuration files generally exist only where users login. Usually that is the search head.

You cannot access any of the configuration files directly in Splunk Cloud.

View solution in original post

Reply
Solved! Jump to solution
Solution

lguinn2
Legend
‎11-22-2016 05:57 PM

I don't know exactly what you mean by "access control." There are several files that Splunk uses to determine who can login, their passwords and their roles. For your local machine, you will find this in $SPLUNK_HOME/etc/passwd and in authorize.conf. You may also have configuration files that allow users to login to Splunk with LDAP credentials, etc.

/etc/passwd must exist on all Splunk instances. Other configuration files generally exist only where users login. Usually that is the search head.

You cannot access any of the configuration files directly in Splunk Cloud.

Reply
Get Updates on the Splunk Community!

Strengthen Your Future: A Look Back at Splunk 10 Innovations and .conf25 Highlights!

The Big One: Splunk 10 is Here!  The moment many of you have been waiting for has arrived! We are thrilled to ...

Now Offering the AI Assistant Usage Dashboard in Cloud Monitoring Console

Today, we’re excited to announce the release of a brand new AI assistant usage dashboard in Cloud Monitoring ...

Stay Connected: Your Guide to October Tech Talks, Office Hours, and Webinars!

What are Community Office Hours? Community Office Hours is an interactive 60-minute Zoom series where ...