need a credentials file instead of --auth user:pas...

ronerf · ‎12-07-2017

I want to script this for backups:

splunk _internal call /data/indexes/main/roll-hot-buckets --auth 'username:password'

Is there a way to call an external credentials file from the splunk command so the password isn't on the command line?

nickhills · ‎12-07-2017

Spent 2 mins more thinking about it..
- for a very basic level of obfuscation:

echo admin:changeme|base64 > credential.txt

and then:

splunk _internal call /data/indexes/main/roll-hot-buckets --auth $(cat credential.txt|base64 --decode)

Still trivial to circumvent, but prevents someone reading it over your shoulder!

If my comment helps, please give it a thumbs up!

ronerf · ‎12-07-2017

Thanks; your solutions involve leveraging the shell, which has its own problems. I was hoping for a switch in the splunk command itself.

nickhills · ‎12-07-2017

I have not tested this, but if your not too concerned about the credentials being in a clear (albeit separate) file

In credential.txt:

admin:changeme

then you can run

splunk _internal call /data/indexes/main/roll-hot-buckets --auth $(< credential.txt)

it should go without saying this approach is not without its pitfalls, but I think it addresses your question

If my comment helps, please give it a thumbs up!

need a credentials file instead of --auth user:passwd