Splunk® Enterprise

Securing Splunk Enterprise

Splunk Enterprise version 7.1 is no longer supported as of October 31, 2020. See the Splunk Software Support Policy for details. For information about upgrading to a supported version, see How to upgrade Splunk Enterprise.

Change a user password

As either a user or an administrator on a Splunk platform instance that uses the native authentication scheme, you can change a password for a user. Users can change their own password, and administrators can change passwords for all users on the instance.

In Splunk Cloud Platform, you can make these changes from Splunk Web. On Splunk Enterprise, you can perform this action using either Splunk Web or the command line interface (CLI).

Changing a user password does not unlock an account if it is locked. To unlock a user account, see Unlock a user account.

It is not possible to change a user password when the Splunk platform instance uses an authentication scheme other than the native scheme. To change passwords on instances that use other authentication schemes, visit the configuration page for the identity provider to which the authentication scheme connects.

Change a user password in Splunk Web

Use the following procedure to reset credentials on a user account:

  1. In Splunk Web, select Settings > Access Controls > Users.
  2. In the Users page, select the user whose password you want to change.
  3. Type a new password for the user. Distribute this password to your user.
  4. Select Save.

Change a user password on Splunk Enterprise from the command line

A Splunk admin user with privilege to write to disk on the Splunk Enterprise instance can execute the following command.

On the instance, open a shell or command prompt and type the following CLI command:

splunk edit user <username> -auth admin:<admin_password> -password  <password>
Last modified on 04 May, 2024
Unlock a user account   Manage out-of-sync passwords in a search head cluster

This documentation applies to the following versions of Splunk® Enterprise: 7.1.0, 7.1.1, 7.1.2, 7.1.3, 7.1.4, 7.1.5, 7.1.6, 7.1.7, 7.1.8, 7.1.9, 7.1.10, 7.2.0, 7.2.1, 7.2.2, 7.2.3, 7.2.4, 7.2.5, 7.2.6, 7.2.7, 7.2.8, 7.2.9, 7.2.10, 7.3.0, 7.3.1, 7.3.2, 7.3.3, 7.3.4, 7.3.5, 7.3.6, 7.3.7, 7.3.8, 7.3.9, 8.0.0, 8.0.1, 8.0.2, 8.0.3, 8.0.4, 8.0.5, 8.0.6, 8.0.7, 8.0.8, 8.0.9, 8.0.10, 8.1.0, 8.1.1, 8.1.2, 8.1.3, 8.1.4, 8.1.5, 8.1.6, 8.1.7, 8.1.8, 8.1.9, 8.1.10, 8.1.11, 8.1.12, 8.1.13, 8.1.14, 8.2.0, 8.2.1, 8.2.2, 8.2.3, 8.2.4, 8.2.5, 8.2.6, 8.2.7, 8.2.8, 8.2.9, 8.2.10, 8.2.11, 8.2.12, 9.0.0, 9.0.1, 9.0.2, 9.0.3, 9.0.4, 9.0.5, 9.0.6, 9.0.7, 9.0.8, 9.0.9, 9.0.10, 9.1.0, 9.1.1, 9.1.2, 9.1.3, 9.1.4, 9.1.5, 9.1.6, 9.1.7, 9.2.0, 9.2.1, 9.2.2, 9.2.3, 9.2.4, 9.3.0, 9.3.1, 9.3.2, 9.4.0


Was this topic useful?







You must be logged into splunk.com in order to post comments. Log in now.

Please try to keep this discussion focused on the content covered in this documentation topic. If you have a more general question about Splunk functionality or are experiencing a difficulty with Splunk, consider posting a question to Splunkbase Answers.

0 out of 1000 Characters