Splunk® Enterprise

Admin Manual

Splunk Enterprise version 7.2 is no longer supported as of April 30, 2021. See the Splunk Software Support Policy for details. For information about upgrading to a supported version, see How to upgrade Splunk Enterprise.
This documentation does not apply to the most recent version of Splunk® Enterprise. For documentation on the most recent version, go to the latest release.

passwords.conf

The following are the spec and example files for passwords.conf.

passwords.conf.spec

   Version 7.2.10

 This file maintains the credential information for a given app in Splunk Enterprise.

 There is no global, default passwords.conf. Instead, anytime a user creates
 a new user or edit a user onwards hitting the storage endpoint
 will create this passwords.conf file which gets replicated 
 in a search head clustering enviornment.
 Note that passwords.conf is only created from 6.3.0 release.

 You must restart Splunk Enterprise to reload manual changes to passwords.conf.

 To learn more about configuration files (including precedence) please see the
 documentation located at
 http://docs.splunk.com/Documentation/Splunk/latest/Admin/Aboutconfigurationfiles
 More details for storage endpoint is at
 http://blogs.splunk.com/2011/03/15/storing-encrypted-credentials/

[credential:<realm>:<username>:]

password = <password>
* Password that corresponds to the given username for the given realm.
  Note that realm is optional
* The password can be in clear text, however when saved from splunkd the
  password will always be encrypted

passwords.conf.example

#   Version 7.2.10
#
# The following are example passwords.conf configurations. Configure properties for
# your custom application.
#
# There is NO DEFAULT passwords.conf. The file only gets created once you add/edit
# a credential information via the storage endpoint as follows.
#
# The POST request to add user1 credentials to the storage/password endpoint 
# curl -k -u admin:changeme https://localhost:8089/servicesNS/nobody/search/storage/passwords -d name=user1 -d password=changeme2
#
# The GET request to list all the credentials stored at the storage/passwords endpoint 
# curl -k -u admin:changeme https://localhost:8089/services/storage/passwords
#
# To use one or more of these configurations, copy the configuration block into
# passwords.conf in $SPLUNK_HOME/etc/<apps>/local/. You must restart Splunk to
# enable configurations.
#
# To learn more about configuration files (including precedence) please see the
# documentation located at
# http://docs.splunk.com/Documentation/Splunk/latest/Admin/Aboutconfigurationfiles
#

[credential::testuser:]
password = changeme

Last modified on 19 February, 2020
outputs.conf   procmon-filters.conf

This documentation applies to the following versions of Splunk® Enterprise: 7.2.10


Was this topic useful?







You must be logged into splunk.com in order to post comments. Log in now.

Please try to keep this discussion focused on the content covered in this documentation topic. If you have a more general question about Splunk functionality or are experiencing a difficulty with Splunk, consider posting a question to Splunkbase Answers.

0 out of 1000 Characters