Splunk Enterprise Security

In Enterprise Security's credential manager, are the passwords encrypted? If yes, what level of encryption is it?

mrockowitz_splu
Splunk Employee
Splunk Employee

This is just a question if credential manager uses encryption.

0 Karma

starcher
Influencer

http://www.georgestarcher.com/splunk-stored-encrypted-credentials/

Yes, but anyone with a splunk login that has the capability in it's role:list_storage_passwords can dump them. Basically it is good enough to say the credentials are not stored in the clear in configuration files.

starcher
Influencer

As you are Splunk staff, you can hit up the prodsec team if you need more explicit details.

0 Karma
Get Updates on the Splunk Community!

Detecting Remote Code Executions With the Splunk Threat Research Team

WATCH NOWRemote code execution (RCE) vulnerabilities pose a significant risk to organizations. If exploited, ...

Enter the Splunk Community Dashboard Challenge for Your Chance to Win!

The Splunk Community Dashboard Challenge is underway! This is your chance to showcase your skills in creating ...

.conf24 | Session Scheduler is Live!!

.conf24 is happening June 11 - 14 in Las Vegas, and we are thrilled to announce that the conference catalog ...