Splunk Dev
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

Deployment Server access via Winscp

daisy
Explorer
‎04-21-2022 01:13 PM

hi all, I would like to access DS via Winscp so I can look at and donwload some apps. The problem is that Splunk is installed as and owned by splunk user. When I use Putty, I use "sudo su - splunk" and am able to make changes to any directories under /opt/splunk. Can someone give me a hint what I need to change for Winscp to be able to use it and access the directories as I am currently getting "permission denied" messages. 

Thanks!

Labels (1)
Labels
0 Karma
Reply

isoutamo
SplunkTrust
SplunkTrust
‎04-21-2022 01:29 PM

Hi

I don't know is there an any easy way to do it or not. If I recall right there could be some way to configure sftp server on node to accept this? Probably this is not the best way in security point of view? But I suppose that still it's much better to copy those apps to your own user on DS and then use "sudo cp ...." to get those to correct places. Also remember to do "sudo chown ..." for copied files.

Even better way to deploy and keep track of those is use e.g. git to store those configurations and then deploy those from it.

r. Ismo

Reply

daisy
Explorer
‎04-22-2022 12:46 AM

Thanks, this is a good workaround. I will give it a try. 

0 Karma
Reply

Stefanie
Builder
‎04-21-2022 01:28 PM

Are you able to login to WinSCP using a non-splunk account and then tell WinSCP to use sudo on login? 

https://winscp.net/eng/docs/faq_su#use_sudo_on_login

(Example) In the WinSCP login options window:

Click Advanced options
Go to Environment --> SCP/Shell (on left)
Select Shell: "sudo su - splunk"
Reply

daisy
Explorer
‎04-22-2022 12:47 AM

I was looking for this option (as I read online about it) but couldn't find it so it might be disabled. Is it possible taht it is disabled or should I look further for it?

0 Karma
Reply

Stefanie
Builder
‎04-22-2022 05:19 AM

I'm not familiar with using winscp all that much. I typically use putty and pscp.

If it's a software installed by your IT department then it's possible they have some features disabled.

I use pscp to transfer files to my server as my user account and then "sudo chown" the files to the splunk user, the same process that isoutamo mentioned.

 

 

0 Karma
Reply
Get Updates on the Splunk Community!

Introducing the Splunk Community Dashboard Challenge!

Welcome to Splunk Community Dashboard Challenge! This is your chance to showcase your skills in creating ...

Get the T-shirt to Prove You Survived Splunk University Bootcamp

As if Splunk University, in Las Vegas, in-person, with three days of bootcamps and labs weren’t enough, now ...

Wondering How to Build Resiliency in the Cloud?

IT leaders are choosing Splunk Cloud as an ideal cloud transformation platform to drive business resilience,  ...