Hi,
I have some problems with running the following command.
$ splunk add forward-server host:port
It asks for username and password, i assume that the credentials should be the ones used when logging in to the Splunk WebUI. But authentication fails. I have also tried with the credentials for the local Splunk account. But still no luck.
When reading the Universal Deployment Manual I can not see any information about authentication. I have not added any SSL Cert, i guess this issue can be related to SSL communication between Forwarder and Reciever. But i just want to use the default certs.
I have tried running the command both as root and splunk user. But no luck at all.
Any ideas?
there is a small hint in the universalforwader docu.(i think its a comment)
it is the default login:
admin/changeme
Thank you lukejadamec, that was outside my thinking box at the time of writing - the file is like a htpasswd file... I should have noticed that 🙂 Thanks
Yes, there is a way to change the password without using the -password parameter.
See this article from Splunk:
docs.splunk.com/Documentation/Splunk/5.0.3/Security/Deploysecurepasswordsacrossmultipleservers
Is there a way to change the password without using the "-password
there is a small hint in the universalforwader docu.(i think its a comment)
it is the default login:
admin/changeme
search is your friend:)
./splunk edit user admin -password coolNewP455w3rdddd
Hi,
Thank you that did the trick! But the password for "admin" i use to login to WebUI has been changed is not "changeme". How can i change that password?
Frej