Splunk Dev

How are passwords stored by Splunk Add-on builder?

anweshkumar12
Engager

I was trying to build an add-on using splunk add-on builder. We need to use api key to authenticate into a third party service. The question is how does splunk add-on builder store password? I created a password field and saw that the password.conf in local folder is being updated. Does this mean that password fields are encrypted and stored in password.conf? 
Any help will be really appreciated.

0 Karma
1 Solution

woodcock
Esteemed Legend

Yes, the PWs are stored in local passwords.conf file in the app using the "splunk.secret" encryption seed.  You can manually decrypt them like this:

$SPLUNK_HOME/bin/splunk show-decrypted --value 'YourPasswordHere'

View solution in original post

woodcock
Esteemed Legend

Yes, the PWs are stored in local passwords.conf file in the app using the "splunk.secret" encryption seed.  You can manually decrypt them like this:

$SPLUNK_HOME/bin/splunk show-decrypted --value 'YourPasswordHere'

Get Updates on the Splunk Community!

Deep Dive into Federated Analytics: Unlocking the Full Power of Your Security Data

In today’s complex digital landscape, security teams face increasing pressure to protect sprawling data across ...

Your summer travels continue with new course releases

Summer in the Northern hemisphere is in full swing, and is often a time to travel and explore. If your summer ...

From Alert to Resolution: How Splunk Observability Helps SREs Navigate Critical ...

It's 3:17 AM, and your phone buzzes with an urgent alert. Wire transfer processing times have spiked, and ...