All,
I've been asked to automatically rotate the local passwords on Splunk every week. It can be predictable. Like HelloP@ssword1June1st goes to HelloP@ssword1June8th. But just needs to rotate to meet the auditors requirement.
Any idea how I would tackle that?
I think that you should create a shell that saves the rotate number and changes the password with the Splunk command.
splunk edit user admin -password newPassowrd -auth admin:changeme
However, embedding the password in the shell is problematic in terms of security, so you have to consider how to keep it.
hey @daniel333
I can tell you a workaround I may be wrong but you can try this:
steps:
1) change the password using CLI
https://answers.splunk.com/answers/504964/how-do-we-change-an-user-password-from-command-lin.htmlhtt...
2) write a bash script and schedule a crontab to run every week
I hope that helps you!