All Apps and Add-ons

Splunk Add-on for Citrix XenServer: How do I fix passwords being stored in plain text in xsconfig.conf?

bertjo
Explorer

I was configuring the Splunk Add-On for Citrix XenServer and noticed the passwords are stored in plaintext in the xsconfig.conf file. How do I fix this?

1 Solution

cgardiner
Explorer
  I have downloaded and looked at the TA and the code being used and the simple answer to your question is no. It will not encrypt the password. The file in question is a plain text file for the TA developers own making and not something Splunk is even aware of. It would never be able to encrypt this password. If the app developer had made use of the build in password functionality and a setup.xml, this could have been handled easily. Optionally, the password could have been encrypted using his own algorithm if he so desired in the same way that DB connect does or did, but that was not done here.  
 Additionally, if you attempt to encrypt the password in the xsconfig.conf file on your own, you will break the app because the script is expecting a plain text string. IF you have any python development background and a few hours, you could make some changes to the xsUtils.py script where the user and password are read from the config and the session creation is performed. If you wrote your own encryption and decryption function into this script, all the individual input scripts would be able to make use of it. 
 Outside of this, your best bet is to try and contact the developer and ask if they would be open to adding some manner of encryption for the password on disk. Sorry I don't have a better option for you.

View solution in original post

cgardiner
Explorer
  I have downloaded and looked at the TA and the code being used and the simple answer to your question is no. It will not encrypt the password. The file in question is a plain text file for the TA developers own making and not something Splunk is even aware of. It would never be able to encrypt this password. If the app developer had made use of the build in password functionality and a setup.xml, this could have been handled easily. Optionally, the password could have been encrypted using his own algorithm if he so desired in the same way that DB connect does or did, but that was not done here.  
 Additionally, if you attempt to encrypt the password in the xsconfig.conf file on your own, you will break the app because the script is expecting a plain text string. IF you have any python development background and a few hours, you could make some changes to the xsUtils.py script where the user and password are read from the config and the session creation is performed. If you wrote your own encryption and decryption function into this script, all the individual input scripts would be able to make use of it. 
 Outside of this, your best bet is to try and contact the developer and ask if they would be open to adding some manner of encryption for the password on disk. Sorry I don't have a better option for you.

adonio
Ultra Champion

did you restart splunk?

0 Karma

bertjo
Explorer

Yes, it doesn't do anything. The best thing I can think of is that Splunk only looks for standard files (inputs.conf,etc.) and not something with the weird names like xsconfig.conf. If splunk wont do it automatically is there a way to manually do it?

0 Karma
Get Updates on the Splunk Community!

Index This | I am a number, but when you add ‘G’ to me, I go away. What number am I?

March 2024 Edition Hayyy Splunk Education Enthusiasts and the Eternally Curious!  We’re back with another ...

What’s New in Splunk App for PCI Compliance 5.3.1?

The Splunk App for PCI Compliance allows customers to extend the power of their existing Splunk solution with ...

Extending Observability Content to Splunk Cloud

Register to join us !   In this Extending Observability Content to Splunk Cloud Tech Talk, you'll see how to ...