credentials.pl to obfuscate passwords for your
engine.conf files. As the splunkadmin user you can run this tool on the command line. It accepts standard Unix command line arguments, such as
--file /path/to/file or
-f /path/to/file. When you give
credentials.pl a credentials file with unencrypted passwords that conform to the specifications of the credentials file,
credentials.pl recreates the exact file except that the passwords are correctly encrypted. You can also give a credentials file to
credentials.pl and enter simple commands to cover CRUD functions.
credentials.pl can accept clear test passwords containing all characters. It takes them and encrypts them to a file called
credentials.conf. By default you must paste the file in.
Reference the table for a complete description of
The Credential Manager Tool
|Inputs||A credentials file with unencrypted passwords|
|Outputs|| The |
|Command line syntax|| |
|Interactive mode syntax|| |
|Command line usage|| Run |
|Arguments|| -h, --help Shows help |
-f, --file Specifies a file from which to read the credentials. For example, if you your input file is
|Examples|| This is a sample |
[default] host= username=guest password=guest [host] host=esx1234.mycompany.com|esx1235.mycompany.com| username=foo password=bar [host2] host=126.96.36.199 username=baz password=biz
The Credentials storage file
The credential storage file,
credentials.conf, is a standard configuration file secured with minimal permissions. The passwords in the file are obfuscated. All other fields remain in clear text.
The file contains the following stanzas:
- List Stanza: A stanza that lists many hosts with a single user and password.
- Default Stanza: A stanza for all hosts that are not mentioned anywhere else in the file and the set of credentials to be used for all the hosts. There is only one of these stanzas.
- Single Entry Stanza: A stanza used to specify one host and the set of credentials for it.
- Regex Stanza: A stanza used for all hosts and a set of credentials to be used for all hosts that match the specified regular expression.
All stanzas in the file contain host, user, and password information.
Go to Splunkbase