破splunk web管理员密:
ssh splunk服务器
cd /opt/splunk/etc/
rm passwd
cd /opt/splunk/etc/system/local/
cp -rv /opt/splunk/etc/system/README/user-seed.conf.example .
mv user-seed.conf.example user-seed.conf
vi user-seed.conf
[user_info] PASSWORD= xxxxx (此处为明文,默认的HASHED_PASSWORD改为PASSWORD,USERNAME那行删除) :wq
/opt/splunk/bin/splunk stop
/opt/splunk/bin/splunk start
ls /opt/splunk/etc/system/local/ (此时看user-seed.conf会被自动删除)
打开http://ip:8000 用户名:admin 密码为上面设置的明文密
