Skip to end of metadata
Go to start of metadata

Moogsoft AIOps includes an encryptor utility so you can encrypt passwords stored in the system.conf configuration file. Encrypted passwords in configuration files are more secure because someone with access to the configuration cannot necessarily gain access to integrated systems.

If you run in a distributed environment, run the encryptor utility on one host to create an encryption key (.key). Then copy the key to the $MOOGSOFT_HOME/etc/ directory on the remaining hosts.

Encrypt a Password

To encrypt a password, execute the moog_encryptor command as follows:

 $MOOGSOFT_HOME/bin/moog_encryptor -p <password>

 For example, to encrypt a password "Abacus":

/usr/share/moogsoft/bin/moog_encryptor -p Abacus


The moog_encryptor displays the encrypted password:

The encrypted password is: 

	KfFJGilmGGJP/qTrJV6SBs0HTTy3NpCqvGaYKviDbLQ=

When using within Javascript code or JSON file, use: 

	 {"encrypted_password":"KfFJGilmGGJP/qTrJV6SBs0HTTy3NpCqvGaYKviDbLQ="}

Each time you run moog_encryptor, it generates a different encrypted password.

Configure AIOps to use Encrypted Passwords

You can use passwords encrypted with moog_encryptor in the system.conf file as follows:

  1. Edit $MOOGSOFT_HOME/config/system.conf

  2. Identify the password you want to replace and uncomment the encrypted_password property. Comment out the password property. For example:

    "username"        : "moogsoft",
    #"password"        : "Abacus",
    "encrypted_password" : "e5uO0LY3HQJZCltG/caUnVbxVN4hImm4gIOpb4rwpF4=",
  3. Set the value of the encrypted_password property to the value returned from the moog_encryptor. For instance:

    "encrypted_password":"KfFJGilmGGJP/qTrJV6SBs0HTTy3NpCqvGaYKviDbLQ=",
  4. Change the value of the password property so that it does not match the unencrypted value of the password.

Change the Location of the Encryption Key

By default, the encryptor utility uses a key at the following location:

 $MOOGSOFT_HOME/etc/.key

The encryptor utility creates a new key if one does not already exist.

If you want to use a different location for the key, uncomment the encrpytion section in system.conf. Set the value of the encryption_key_file property to a new path for the key. For example:


        # Uncomment the encryption section if you want to specify the location
        # for the encryption key file.
         ,
         "encryption" :
         {
            # Use this to change the default location of the encryption key file
             "encryption_key_file" : "/usr/share/example/.key"
         }
        #

You must configure Moogsoft AIOps to use the same .key file you used to encrypt passwords. If you encrypt a password using one key and then change the configuration to use another key, decryption fails.




6 Comments

  1. for what? configuration files stored on the file system?

  2. Suggest: You can use the moog_encryptor utility to ....

  3. Where is this encrypted_password field?

  4. Suggest:

    To encrypt a password using the moog_encryptor:

  5. The moog_encryptor writes the encrypted password to the the standard out? Or, more simply. The moog_encryptor displays the encrypted password. 

  6. I think for Linux style it is monospace. Please add to style guide.