Re: Clear text password in command line

vb · ‎06-29-2022

mogod command line argument having clear text password like "--sslPEMKeyPassword=password"

how to avoid clear text password while calling splunkd.exe service ?

Thanks

vb · ‎06-29-2022

not manually , part of default splunk startup

isoutamo · ‎06-29-2022

And it’s still there after restart splunk service on windows?

vb · ‎06-29-2022

looks like its in default>server.conf as sslPassword , any way to encrypt this while starting splunk ?

isoutamo · ‎06-29-2022

All passwords should be on local versions to get those encrypted. You never should edit any default versions!

vb · ‎06-29-2022

local version already having below

[sslConfig]
sslPassword = $7$wSzCbriq823AZTb1HjN7NP8TWXmFZu6R5WvTaFk1/4Rd+L/V66Rkkw==

problem is , I was using this splunk installation from last few years on my laptop , now one of my new company policy triggered alert due to that clear text password while starting splunkd , looking out way to avoid this , any help in this is appreciated , thanks

vb · ‎06-29-2022

yes , its still thr

isoutamo · ‎06-29-2022

I think that this should be on conf files not on cmd line. Are this mongodb started manually? Unfortunately I haven’t any windows splunk to check this?

How to avoid clear text password while calling splunkd.exe service?

configuration

installation

Operationalizing TDIR: Building a More Resilient, Scalable SOC

Almost Too Eventful Assurance: Part 1

Demo Day: Strengthen Your SOC with Splunk Enterprise Security 8.1

Are you a member of the Splunk Community?