Security
×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

admin password on command line

steinerdani
Engager
‎12-01-2010 03:10 PM

The splunkweb front end (webserver) is disabled. How can I check the admin password from the command line?

Tags (1)
Reply
1 Solution
Solved! Jump to solution
Solution

MarioM
Motivator
‎12-01-2010 04:18 PM

Do you mean changing the admin password? For example:

./splunk edit user admin -password foo -role admin -auth admin:changeme

This command changes the admin password from changeme to foo.

Note: Passwords with special characters that would be interpreted by the shell (for example $ or !) must be either escaped or single-quoted:

./splunk edit user admin -password 'fflanda$' -role admin -auth admin:changeme

or

./splunk edit user admin -password fflanda\$ -role admin -auth admin:changeme

View solution in original post

Reply
Solved! Jump to solution

southeringtonp
Motivator
‎12-01-2010 04:19 PM

You can't decrypt the password if that's what you're asking.

You can reset it: http://answers.splunk.com/questions/834/how-could-i-reset-the-admin-password

Or just try logging in from the command line:

splunk login

Another option would be to try logging in via the REST API. Here's an example: http://answers.splunk.com/questions/8940/how-can-i-run-searches-against-the-splunk-api

Reply
Solved! Jump to solution
Solution

MarioM
Motivator
‎12-01-2010 04:18 PM

Do you mean changing the admin password? For example:

./splunk edit user admin -password foo -role admin -auth admin:changeme

This command changes the admin password from changeme to foo.

Note: Passwords with special characters that would be interpreted by the shell (for example $ or !) must be either escaped or single-quoted:

./splunk edit user admin -password 'fflanda$' -role admin -auth admin:changeme

or

./splunk edit user admin -password fflanda\$ -role admin -auth admin:changeme
Reply
Solved! Jump to solution

suttonj
Engager
‎03-04-2015 08:11 AM

this process will expose the new password in clear text in the servers history. Is there a way of doing this without exposing the password? (other than doing it on one server then deleteing the history and then copy the passwd file to all other servers than need their password changed from the default)

Reply
Solved! Jump to solution

ThomasControlw1
Explorer
‎03-10-2017 07:48 AM

history -c will deleate all your CLI history 😄
cheers

0 Karma
Reply
Solved! Jump to solution

corydodt
Engager
‎06-20-2016 06:36 PM

Try this

# read -s 'pw?password: '; echo; splunk edit user admin -password "$pw" -role admin -auth admin:changeme
password: 
User admin edited.
Reply
Get Updates on the Splunk Community!

A Season of Skills: New Splunk Courses to Light Up Your Learning Journey

There’s something special about this time of year—maybe it’s the glow of the holidays, maybe it’s the ...

Announcing the Migration of the Splunk Add-on for Microsoft Azure Inputs to ...

Announcing the Migration of the Splunk Add-on for Microsoft Azure Inputs to Officially Supported Splunk ...

Splunk Observability for AI

Don’t miss out on an exciting Tech Talk on Splunk Observability for AI! Discover how Splunk’s agentic AI ...