All Apps and Add-ons

Splunk DB Connect: Is it possible to use Python to make password changes in identities.conf?

waimeh
Engager

I am in the process of (attempting to) create a script that will find changes in a password management program and put them into the Splunk DB Connect 2 identities.conf file. However, before I get too into the weeds here, I wanted to know if it is even possible to do so outside of the Identities dashboard in the add-on itself. We were hoping to automate this so we don't have to reach out to different areas of the company every X months.

So the question is: Can I use Python to make password changes in Splunk DB Connect's identities.conf file? If so, how would one go about this?

0 Karma
1 Solution

rfitch
Path Finder

This can be done using the web API.

Here is an example of making a user:
curl -k -u admin:change https://localhost:8089/servicesNS/nobody/splunk_app_db_connect/db_connect/identities \
-d name=myDb \
-d password=s000p3r5333crkt \
-d username=splunk

And here is how you can change the password
curl -k -u admin:changeme https://localhost:8089/servicesNS/nobody/splunk_app_db_connect/db_connect/identities/**myDb** \
-d password=n33333wwwp$55w0000rd

View solution in original post

rfitch
Path Finder

This can be done using the web API.

Here is an example of making a user:
curl -k -u admin:change https://localhost:8089/servicesNS/nobody/splunk_app_db_connect/db_connect/identities \
-d name=myDb \
-d password=s000p3r5333crkt \
-d username=splunk

And here is how you can change the password
curl -k -u admin:changeme https://localhost:8089/servicesNS/nobody/splunk_app_db_connect/db_connect/identities/**myDb** \
-d password=n33333wwwp$55w0000rd

JorgeFT
Explorer

Hi! Is there any updated information regarding this?

I'm using the Splunk DB Connect Version 3.5.1 and I wanted to know if it is possible to change an identity password via REST API or using other method.

I've tested the answer in the solution but it doesn't encrypt the password in the identities.conf file.

Thank you and regards!

0 Karma

sloshburch
Splunk Employee
Splunk Employee

Nice use of the REST endpoints. Just remember the user and app namespace used here. In your example, the user is 'nobody' and the app is 'splunk_app_db_connect'. If you prefer to keep the config affiliated with different user or app namespaces, be sure to change those accordingly.

0 Karma

waimeh
Engager

Holy crap, you're a life saver! Thank you for answering! This was way better than the solution I was trying. Guess I should look more into the power of the web API.

0 Karma

rfitch
Path Finder

FYI, this is somewhat deprecated in DB Connect 3. If you still want to go this route you'll need to modify the rest map.conf file and add create. By default it only has list.

[admin_external:identities]
handlertype=python
handlerfile=rh_identities.py
handleractions=create,edit,list,remove,enable,disable,_reload,move

handleractions=list

handlerpersistentmode=true DBX-2818

capability.get=db_connect_read_identity

0 Karma
Get Updates on the Splunk Community!

Index This | I am a number, but when you add ‘G’ to me, I go away. What number am I?

March 2024 Edition Hayyy Splunk Education Enthusiasts and the Eternally Curious!  We’re back with another ...

What’s New in Splunk App for PCI Compliance 5.3.1?

The Splunk App for PCI Compliance allows customers to extend the power of their existing Splunk solution with ...

Extending Observability Content to Splunk Cloud

Register to join us !   In this Extending Observability Content to Splunk Cloud Tech Talk, you'll see how to ...