Splunk Dev
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

How to retrieve password from password.conf in python script?

splunker2117
Loves-to-Learn Lots
‎10-10-2022 05:08 AM

Please help in reading the credentials from password.conf in python script. 

 

0 Karma
Reply

splunker2117
Loves-to-Learn Lots
‎10-11-2022 11:51 AM

Here I do not want to expose admin credentials even. Is there any way to read password.conf without passing admin credentials. Basically I need to retrieve secrets while running custom command. 

0 Karma
Reply

tcole_splunk
Splunk Employee
Splunk Employee
‎10-11-2022 12:01 PM

I'm not sure I understand. You need to pass in credentials in order to read passwords.conf, because this file is encrypted and you need to ensure secure access. In order to call the storage/passwords endpoint, the user needs to belong to a role with certain capabilities assigned. See https://dev.splunk.com/enterprise/docs/developapps/manageknowledge/secretstorage/secretstoragerbac for more details.

0 Karma
Reply

splunker2117
Loves-to-Learn Lots
‎10-12-2022 04:10 AM

Let me give you bit background @tcole_splunk  @gcusello ,

I've script to run as custom command and secrets are stored in password.conf with the help of setuppage. 

Now I am stuck where unable to read the secrets from password.conf to authenticate 3rd party API.

I've used multiple ways to read password.conf however it is failing to connect at initial stage where it call to splunk rest api to retrieve passwords.conf details. Goal is to get the session key without passing the hardcoded values so can use.

service = client.Service(token=session_key,host="127.0.0.1", port=8089)
0 Karma
Reply

tcole_splunk
Splunk Employee
Splunk Employee
‎10-12-2022 02:01 PM

Thanks for the additional information. Did you try connecting to Splunk Enterprise with the Python SDK through the connect function? See https://dev.splunk.com/enterprise/docs/devtools/python/sdk-python/howtousesplunkpython/howtoconnectp....

After that, you should be able to retrieve passwords following the example at https://dev.splunk.com/enterprise/docs/developapps/manageknowledge/secretstorage/secretstoragepython....

0 Karma
Reply

tcole_splunk
Splunk Employee
Splunk Employee
‎10-11-2022 10:11 AM

Hello!

Just to add to what Giuseppe posted, you can retrieve credentials from passwords.conf using the storage/passwords REST API endpoint and the Splunk SDK for Python. Here is the documentation explaining how to do this:

 https://dev.splunk.com/enterprise/docs/developapps/manageknowledge/secretstorage/secretstoragepython

Good luck!

0 Karma
Reply

gcusello
SplunkTrust
SplunkTrust
‎10-10-2022 06:12 AM

Hi @splunker2117,

if you launch your python script as a Splunk input, you can store password in encrypted mode in Splunk passing them from Splunk.

For more infos see at https://www.splunk.com/en_us/blog/security/storing-encrypted-credentials.html

https://www.splunk.com/en_us/blog/tips-and-tricks/store-encrypted-secrets-in-a-splunk-app.html#:~:te....

https://www.splunk.com/en_us/blog/security/storing-encrypted-credentials.html?_ga=2.20827064.1642756...

This is to create a setup pdashboard in your App to insert pasword:

https://www.splunk.com/en_us/blog/tips-and-tricks/enable-first-run-app-configuration-with-setup-page....

Ciao.

Giuseppe

0 Karma
Reply
Get Updates on the Splunk Community!

How to Monitor Google Kubernetes Engine (GKE)

We’ve looked at how to integrate Kubernetes environments with Splunk Observability Cloud, but what about ...

Index This | How can you make 45 using only 4?

October 2024 Edition Hayyy Splunk Education Enthusiasts and the Eternally Curious!  We’re back with this ...

Splunk Education Goes to Washington | Splunk GovSummit 2024

If you’re in the Washington, D.C. area, this is your opportunity to take your career and Splunk skills to the ...