SLLogCollector .zip files and Passwords

Solved868 viewspassword SLLogCollector
2
0 Comments

Hi, a user has advised of strict requirement around the outputs of SLLogCollector (.zip file) to not contain any passwords (whether it be hashed or encrypted). If this condition is not met, the user is unable to grant permission for the transfer of the SLLogCollector .zip files from their network for analysis at Skyline.

Is there a version of SLLogCollector (current or to be released) that has the capability to produce .zip output files that do not contain any passwords (whether it be hashed or encrypted).

Short term solution/workaround:
(1) Is there a list of files that we can manually edit / delete from .zip to meet the requirements above?
(2) Will deleting the said files from .zip impact analysis process?

Bing Herng Chong [SLC] [DevOps Advocate] Selected answer as best 29th August 2022

2 Answers

3
2.71K 0 Comments

Hi Bing,

If the database passwords were configured manually in C:\Skyline DataMiner\db.xml, then they will be visible unencrypted (also in the log collector package). If the passwords are set through Cube, a unique ID (in the form of a GUID) is stored in the DB.xml. DataMiner can then use this ID to look up an encrypted value of the password. The actual encrypted passwords are not part of the SLLog Collector package.

Other than this I see the cassandra.yaml file is included in the log collector package, this file may contain the certificate & password used by Cassandra in plain text (if TLS is enabled). In that case, I would recommend redacting this information as we don't need it for investigation. More specifically, redact the client_encryption_options & server_encryption_options from cassandra.yaml.

Bing Herng Chong [SLC] [DevOps Advocate] Selected answer as best 29th August 2022
2
2.54K 1 Comment

Hi Bing,

I did some checks and I could not find any passwords - encrypted/hashed stored in the log collector package.
However, this is if you set the passwords from System Center --> Database.
If you hardcode your password directly in db.xml, then the password will also be present in the log collector package.

Michiel Saelen [SLC] [DevOps Enabler] Posted new comment 22nd August 2022
Michiel Saelen [SLC] [DevOps Enabler] commented

You might indeed find references to passwords in the logcollector package. These references do not contain any information on the password. Without access to the DMA itself on which the references were made, there is no way to get any information on the password.