I have a regularly scheduled job which generates a log-file which I then use my local splunk light-forwarder to send to a remote splunk instance with splunk add oneshot $LOG_FILE -sourcetype $SOURCE
This ends up requiring authentication. I know that I could hard-code a "-auth user:pass" argument into the script as well, but I'd prefer to not do that and instead be able to just disable authentication on the local host for splunk cli access. Is there a way to do this?
Just dump the file in a batch directory such as $SPLUNK_HOME/var/spool/splunk
. This does not require authentication, and you can control the sourcetype, source, etc with dynamic metadata assignment:
http://docs.splunk.com/Documentation/Splunk/latest/Data/Assignmetadatatoeventsdynamically
Just dump the file in a batch directory such as $SPLUNK_HOME/var/spool/splunk
. This does not require authentication, and you can control the sourcetype, source, etc with dynamic metadata assignment:
http://docs.splunk.com/Documentation/Splunk/latest/Data/Assignmetadatatoeventsdynamically
link above has moved to :
http://docs.splunk.com/Documentation/Splunk/latest/Data/Assignmetadatatoeventsdynamically
I actually think this would be useful as well, something like kerberos's kadmin.local binary.
I do not think you can disable authentication. You have two options that i can think of:
cheers!
.gz
i couldn't find this, where is this documented?
where is this username/password envvar documented?
the export of the user password into environment variables worked great... thanks
This approach is just what I was looking for. Thanks!