I want to script this for backups:
splunk _internal call /data/indexes/main/roll-hot-buckets --auth 'username:password'
Is there a way to call an external credentials file from the splunk command so the password isn't on the command line?
Spent 2 mins more thinking about it..
- for a very basic level of obfuscation:
echo admin:changeme|base64 > credential.txt
and then:
splunk _internal call /data/indexes/main/roll-hot-buckets --auth $(cat credential.txt|base64 --decode)
Still trivial to circumvent, but prevents someone reading it over your shoulder!
Thanks; your solutions involve leveraging the shell, which has its own problems. I was hoping for a switch in the splunk command itself.
I have not tested this, but if your not too concerned about the credentials being in a clear (albeit separate) file
In credential.txt:
admin:changeme
then you can run
splunk _internal call /data/indexes/main/roll-hot-buckets --auth $(< credential.txt)
it should go without saying this approach is not without its pitfalls, but I think it addresses your question