Our security team is complaining that the password for InfluxDB is in clear text in the Telegraf configuration file.
Is there a way to hash/obfuscate this so that the password is not in clear text?
Our security team is complaining that the password for InfluxDB is in clear text in the Telegraf configuration file.
Is there a way to hash/obfuscate this so that the password is not in clear text?
Good question. Our security team also wants to hide original password not only to InfluxDB, but to all monitoring sources: RabbitMQ, Couchbase, Oracle, etc.
Is there a way to hide/remove this information from config file?
The only technique I know of is to set an environment variable with the password and use that from the configuration file. You could open a new issue on github and we could discuss the design of some other options.
I’ve created new issue: Hide passwords in Telegraf config · Issue #3124 · influxdata/telegraf · GitHub