Credentials.pl
Run credentials.pl
to obfuscate passwords for your engine.conf
files. As the splunkadmin user you can run this tool on the command line. It accepts standard Unix command line arguments, such as --file /path/to/file
or -f /path/to/file
. When you give credentials.pl
a credentials file with unencrypted passwords that conform to the specifications of the credentials file, credentials.pl
recreates the exact file except that the passwords are correctly encrypted. You can also give a credentials file to credentials.pl
and enter simple commands to cover CRUD functions. credentials.pl
can accept clear test passwords containing all characters. It takes them and encrypts them to a file called credentials.conf
. By default you must paste the file in.
Reference the table for a complete description of credentials.pl
.
The Credential Manager Tool
Tool name | Credentials.pl |
---|---|
Location | $SPLUNK_HOME/etc/apps/Splunk_TA_vmware/bin directory.
|
Prerequisites |
|
Inputs | A credentials file with unencrypted passwords |
Outputs | The credentials.conf file. This is a recreation of the credentials file but the passwords are now encrypted
|
Command line syntax | ../bin/credentials.pl <Arguments> <my_credentials.conf>
|
Interactive mode syntax | ../bin/credentials.pl -i
|
Command line usage | Run credentials.pl from $SPLUNK_HOME/etc/apps/Splunk_TA_vmware/local .
|
Arguments | -h, --help Shows help -f, --file Specifies a file from which to read the credentials. For example, if you your input file is |
Examples | This is a sample credentials.conf file:
[default] host= username=guest password=guest [host] host=esx1234.mycompany.com|esx1235.mycompany.com| username=foo password=bar [host2] host=1.2.3.4 username=baz password=biz |
The Credentials storage file
The credential storage file, credentials.conf
, is a standard configuration file secured with minimal permissions. The passwords in the file are obfuscated. All other fields remain in clear text.
The file contains the following stanzas:
- List Stanza: A stanza that lists many hosts with a single user and password.
- Default Stanza: A stanza for all hosts that are not mentioned anywhere else in the file and the set of credentials to be used for all the hosts. There is only one of these stanzas.
- Single Entry Stanza: A stanza used to specify one host and the set of credentials for it.
- Regex Stanza: A stanza used for all hosts and a set of credentials to be used for all hosts that match the specified regular expression.
All stanzas in the file contain host, user, and password information.
Enginebuilder.py | Go to Splunkbase |
This documentation applies to the following versions of Splunk® App for VMware (Legacy): 1.0.2, 1.0.3, 2.0
Feedback submitted, thanks!