I am in the process of (attempting to) create a script that will find changes in a password management program and put them into the Splunk DB Connect 2 identities.conf file. However, before I get too into the weeds here, I wanted to know if it is even possible to do so outside of the Identities dashboard in the add-on itself. We were hoping to automate this so we don't have to reach out to different areas of the company every X months.
So the question is: Can I use Python to make password changes in Splunk DB Connect's identities.conf file? If so, how would one go about this?
This can be done using the web API.
Here is an example of making a user:
curl -k -u admin:change https://localhost:8089/servicesNS/nobody/splunk_app_db_connect/db_connect/identities \
-d name=myDb \
-d password=s000p3r5333crkt \
-d username=splunk
And here is how you can change the password
curl -k -u admin:changeme https://localhost:8089/servicesNS/nobody/splunk_app_db_connect/db_connect/identities/**myDb** \
-d password=n33333wwwp$55w0000rd
This can be done using the web API.
Here is an example of making a user:
curl -k -u admin:change https://localhost:8089/servicesNS/nobody/splunk_app_db_connect/db_connect/identities \
-d name=myDb \
-d password=s000p3r5333crkt \
-d username=splunk
And here is how you can change the password
curl -k -u admin:changeme https://localhost:8089/servicesNS/nobody/splunk_app_db_connect/db_connect/identities/**myDb** \
-d password=n33333wwwp$55w0000rd
Hi! Is there any updated information regarding this?
I'm using the Splunk DB Connect Version 3.5.1 and I wanted to know if it is possible to change an identity password via REST API or using other method.
I've tested the answer in the solution but it doesn't encrypt the password in the identities.conf file.
Thank you and regards!
Nice use of the REST endpoints. Just remember the user and app namespace used here. In your example, the user is 'nobody' and the app is 'splunk_app_db_connect'. If you prefer to keep the config affiliated with different user or app namespaces, be sure to change those accordingly.
Holy crap, you're a life saver! Thank you for answering! This was way better than the solution I was trying. Guess I should look more into the power of the web API.
FYI, this is somewhat deprecated in DB Connect 3. If you still want to go this route you'll need to modify the rest map.conf file and add create. By default it only has list.
[admin_external:identities]
handlertype=python
handlerfile=rh_identities.py
handleractions=create,edit,list,remove,enable,disable,_reload,move
capability.get=db_connect_read_identity