Splunk Enterprise

How to avoid clear text password while calling splunkd.exe service?

vb
Explorer

mogod command line argument having clear text password like "--sslPEMKeyPassword=password"

how to avoid clear text password while calling splunkd.exe service ?

 

Thanks

Labels (2)

vb
Explorer

not manually , part of default splunk startup

0 Karma

isoutamo
SplunkTrust
SplunkTrust

And it’s still there after restart splunk service on windows?

0 Karma

vb
Explorer

looks like its in default>server.conf as sslPassword , any way to encrypt this while starting splunk ?

0 Karma

isoutamo
SplunkTrust
SplunkTrust

All passwords should be on local versions to get those encrypted. You never should edit any default versions!

0 Karma

vb
Explorer

local version already having below 

[sslConfig]
sslPassword = $7$wSzCbriq823AZTb1HjN7NP8TWXmFZu6R5WvTaFk1/4Rd+L/V66Rkkw==

 

problem is , I was using this splunk installation from last few years on my laptop , now one of my new company policy triggered alert due to that clear text password while starting splunkd , looking out way to avoid this , any help in this is appreciated , thanks

0 Karma

vb
Explorer

yes , its still thr

0 Karma

isoutamo
SplunkTrust
SplunkTrust

I think that this should be on conf files not on cmd line. Are this mongodb started manually? Unfortunately I haven’t any windows splunk to check this?

0 Karma
Get Updates on the Splunk Community!

Operationalizing TDIR: Building a More Resilient, Scalable SOC

Optimizing SOC workflows with a unified, risk-based approach to Threat Detection, Investigation, and Response ...

Almost Too Eventful Assurance: Part 1

Modern IT and Network teams still struggle with too many alerts and isolating issues before they are notified. ...

Demo Day: Strengthen Your SOC with Splunk Enterprise Security 8.1

Today’s threat landscape is more complex than ever. Security operation centers (SOCs) are overwhelmed with ...