Security
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

admin password on command line

steinerdani
Engager
‎12-01-2010 03:10 PM

The splunkweb front end (webserver) is disabled. How can I check the admin password from the command line?

Tags (1)
Reply
1 Solution
Solved! Jump to solution
Solution

MarioM
Motivator
‎12-01-2010 04:18 PM

Do you mean changing the admin password? For example:

./splunk edit user admin -password foo -role admin -auth admin:changeme

This command changes the admin password from changeme to foo.

Note: Passwords with special characters that would be interpreted by the shell (for example $ or !) must be either escaped or single-quoted:

./splunk edit user admin -password 'fflanda$' -role admin -auth admin:changeme

or

./splunk edit user admin -password fflanda\$ -role admin -auth admin:changeme

View solution in original post

Reply
Solved! Jump to solution

southeringtonp
Motivator
‎12-01-2010 04:19 PM

You can't decrypt the password if that's what you're asking.

You can reset it: http://answers.splunk.com/questions/834/how-could-i-reset-the-admin-password

Or just try logging in from the command line:

splunk login

Another option would be to try logging in via the REST API. Here's an example: http://answers.splunk.com/questions/8940/how-can-i-run-searches-against-the-splunk-api

Reply
Solved! Jump to solution
Solution

MarioM
Motivator
‎12-01-2010 04:18 PM

Do you mean changing the admin password? For example:

./splunk edit user admin -password foo -role admin -auth admin:changeme

This command changes the admin password from changeme to foo.

Note: Passwords with special characters that would be interpreted by the shell (for example $ or !) must be either escaped or single-quoted:

./splunk edit user admin -password 'fflanda$' -role admin -auth admin:changeme

or

./splunk edit user admin -password fflanda\$ -role admin -auth admin:changeme
Reply
Solved! Jump to solution

suttonj
Engager
‎03-04-2015 08:11 AM

this process will expose the new password in clear text in the servers history. Is there a way of doing this without exposing the password? (other than doing it on one server then deleteing the history and then copy the passwd file to all other servers than need their password changed from the default)

Reply
Solved! Jump to solution

ThomasControlw1
Explorer
‎03-10-2017 07:48 AM

history -c will deleate all your CLI history 😄
cheers

0 Karma
Reply
Solved! Jump to solution

corydodt
Engager
‎06-20-2016 06:36 PM

Try this

# read -s 'pw?password: '; echo; splunk edit user admin -password "$pw" -role admin -auth admin:changeme
password: 
User admin edited.
Reply
Get Updates on the Splunk Community!

Transforming Financial Data into Fraud Intelligence

Every day, banks and financial companies handle millions of transactions, logins, and customer interactions ...

How to send events & findings from AWS to Splunk using Amazon EventBridge

Amazon EventBridge is a serverless service that uses events to connect application components together, making ...

Exciting News: The AppDynamics Community Joins Splunk!

Hello Splunkers,   I’d like to introduce myself—I’m Ryan, the former AppDynamics Community Manager, and I’m ...
Top