What is the root user or splunk user's password for the Splunk 6.4 AMI? Not the Splunk Web UI, but the OS password.
I need to adjust some iptables and firewall settings which require admin access.
This is not Splunk Cloud, but BYOL Splunk AMI.
It turns out that once you are logged onto the CLI using the ec2-user that you can change to the "root" or "splunk" user by doing one of the following:
$ sudo su - splunk
OR
$ sudo su - root
It turns out that once you are logged onto the CLI using the ec2-user that you can change to the "root" or "splunk" user by doing one of the following:
$ sudo su - splunk
OR
$ sudo su - root
username: admin
password: instance id from management console
See About the Splunk Enterprise AMI in the Splunk Enterprise Admin Manual and the Usage instructions on the AWS marketplace page.
I downvoted this post because these are the Splunk Web credentials; not the credentials for ssh access.
I asked one of the engineers about this, he said:
When launching an AMI from the marketplace, the user will pick their own ssh keys for access to the instance, usually using the 'ubuntu' user. I doubt the 'splunk' user has any keys setup for SSH access, but a customer could set them up themselves. There is probably no password, it just uses SSH key for auth.
I downvoted this post because these are the Splunk Web credentials; not the credentials for ssh access.
That is the password for the UI - I am also looking for the password for the "splunk" user on the OS itself in the Splunk AMI.