SLLogCollector .zip files and Passwords

Solved1.15K viewspassword SLLogCollector
2
0 Comments

Hi, a user has advised of strict requirement around the outputs of SLLogCollector (.zip file) to not contain any passwords (whether it be hashed or encrypted). If this condition is not met, the user is unable to grant permission for the transfer of the SLLogCollector .zip files from their network for analysis at Skyline.

Is there a version of SLLogCollector (current or to be released) that has the capability to produce .zip output files that do not contain any passwords (whether it be hashed or encrypted).

Short term solution/workaround:
(1) Is there a list of files that we can manually edit / delete from .zip to meet the requirements above?
(2) Will deleting the said files from .zip impact analysis process?

Bing Herng Chong [SLC] [DevOps Advocate] Selected answer as best 29th August 2022

2 Answers

2
4.03K 1 Comment

Hi Bing,

I did some checks and I could not find any passwords - encrypted/hashed stored in the log collector package.
However, this is if you set the passwords from System Center --> Database.
If you hardcode your password directly in db.xml, then the password will also be present in the log collector package.

Michiel Saelen [SLC] [DevOps Enabler] Posted new comment 22nd August 2022
Michiel Saelen [SLC] [DevOps Enabler] commented

You might indeed find references to passwords in the logcollector package. These references do not contain any information on the password. Without access to the DMA itself on which the references were made, there is no way to get any information on the password.
You are viewing 1 out of 2 answers, click here to view all answers.