Security
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

Password secure investigation

Steave4app
New Member
‎12-30-2016 07:28 AM

Hi Guys,

How would we know if password are sending into clear text format or not. Is there any query or way which can we see by the Splunk.

Can I get some guide or light on this?

Tags (1)
0 Karma
Reply

gcusello
SplunkTrust
SplunkTrust
‎12-30-2016 07:35 AM

Hi Steave4app,
passwords are stored and sent encrypted.
In addition, if you want, it's possible to use SSL to encrypt logs transfer from forwarders to Indexers.
Management communications (port 8089) use always SSL.

See: http://docs.splunk.com/Documentation/Splunk/latest/Security/WhatyoucansecurewithSplunk

Bye.
Giuseppe

0 Karma
Reply

Steave4app
New Member
‎12-30-2016 07:56 AM

How about user passwords? Any windows or linux or ssh password are sending in clear text format.. Is there any way to confirm this in the Splunk?

0 Karma
Reply

gcusello
SplunkTrust
SplunkTrust
‎12-30-2016 08:23 AM

If password are logged in clear text, they remain in clear text, but it's possible to mask them in Input Phase or also in search Phase (but it's less secure).
See https://docs.splunk.com/Documentation/Splunk/6.5.1/Data/Anonymizedata

Bye.
Giuseppe

0 Karma
Reply
Get Updates on the Splunk Community!

Modern way of developing distributed application using OTel

Recently, I had the opportunity to work on a complex microservice using Spring boot and Quarkus to develop a ...

Enterprise Security Content Update (ESCU) | New Releases

Last month, the Splunk Threat Research Team had 3 releases of new security content via the Enterprise Security ...

Archived Metrics Now Available for APAC and EMEA realms

We’re excited to announce the launch of Archived Metrics in Splunk Infrastructure Monitoring for our customers ...