Installation and Configuration Guide

 


Download the Splunk App for VMware
Install the Splunk App for VMware
Install the Splunk Add-on for vCenter
Validate your installation

Credentials.pl

This documentation does not apply to the most recent version of VMW. Click here for the latest version.

Credentials.pl

Run credentials.pl to obfuscate passwords for your engine.conf files. As the splunkadmin user you can run this tool on the command line. It accepts standard Unix command line arguments, such as --file /path/to/file or -f /path/to/file. When you give credentials.pl a credentials file with unencrypted passwords that conform to the specifications of the credentials file, credentials.pl recreates the exact file except that the passwords are correctly encrypted. You can also give a credentials file to credentials.pl and enter simple commands to cover CRUD functions. credentials.pl can accept clear test passwords containing all characters. It takes them and encrypts them to a file called credentials.conf. By default you must paste the file in.

Reference the table for a complete description of credentials.pl.

The Credential Manager Tool

Tool name Credentials.pl
Location $SPLUNK_HOME/etc/apps/Splunk_TA_vmware/bin directory.
Prerequisites
  • Modify engine.template as needed in the $SPLUNK_HOME/etc/apps/local directory.
  • Create a credentials.conf file in $SPLUNK_HOME/etc/apps/Splunk_TA_vmware/local. You can give this file any name.
  • To run credentials.pl you must be logged in as the splunkadmin user.
Inputs A credentials file with unencrypted passwords
Outputs The credentials.conf file. This is a recreation of the credentials file but the passwords are now encrypted
Command line syntax ../bin/credentials.pl <Arguments> <my_credentials.conf>
Interactive mode syntax ../bin/credentials.pl -i
Command line usage Run credentials.pl from $SPLUNK_HOME/etc/apps/Splunk_TA_vmware/local.

perl credentials.pl -f creds.txt
perl credentials.pl -h
perl credentials.pl -f path/to/file [-c]
perl credentials.pl -i
When including multiple hosts, separate each host using a pipe |, and make sure that you include a trailing |.
For example: host1.splunk|host2.splunk|host3.splunk|
For Active Directory accounts, use Domain\UID.

Arguments -h, --help Shows help

-f, --file Specifies a file from which to read the credentials. For example, if you your input file is credentials.conf, then type -f credentials.conf. You can specify wildcards in the filename. This enables you to specify more than one file with the same name to credentials.pl. For example, you can specify: perl credentials.pl -f ../local/engine*.conf -a -c
-i, --interactive Runs credentials.pl in interactive mode. In interactive mode, the script prompts you for user IDs and passwords and then creates a credentials.conf file.
-c, --convertengine Accepts engine.conf as the source file and processes it accordingly
-o, --outfile Specifies a file name to where the credentials are written(secret option)

Examples This is a sample credentials.conf file:
[default] 
host= 
username=guest 
password=guest

[host] 
host=esx1234.mycompany.com|esx1235.mycompany.com|
username=foo 
password=bar

[host2] 
host=1.2.3.4 
username=baz 
password=biz

The Credentials storage file

The credential storage file, credentials.conf, is a standard configuration file secured with minimal permissions. The passwords in the file are obfuscated. All other fields remain in clear text.

The file contains the following stanzas:

  • List Stanza: A stanza that lists many hosts with a single user and password.
  • Default Stanza: A stanza for all hosts that are not mentioned anywhere else in the file and the set of credentials to be used for all the hosts. There is only one of these stanzas.
  • Single Entry Stanza: A stanza used to specify one host and the set of credentials for it.
  • Regex Stanza: A stanza used for all hosts and a set of credentials to be used for all hosts that match the specified regular expression.

All stanzas in the file contain host, user, and password information.

This documentation applies to the following versions of VMW: 1.0.2 , 1.0.3 , 2.0 View the Article History for its revisions.


You must be logged into splunk.com in order to post comments. Log in now.

Was this documentation topic helpful?

If you'd like to hear back from us, please provide your email address:

We'd love to hear what you think about this topic or the documentation as a whole. Feedback you enter here will be delivered to the documentation team.

Feedback submitted, thanks!