Using an HTTP Event Collector, How do I enable SSL certificate validation...
Splunk logging for .NET can't connect to my Splunk enterprise using Http Event Collector. Other than disable SSL, How do I enable SSL certificate validation using Splunk logging for .net?
View ArticleHow do I find the SSL version the Splunk forwarder is using to send the data?
I need to validate all my forwarders to check which SLL version(TLS1.2, TLS1.1, ETC) they are using to send data. We recently deployed changes to all the agents to use TLS1.2, but we need to validate...
View ArticleIndexer shows receiving port open, but OS does not
I'm trying to have 2 receiving ports on my index cluster, 1 as 9997 for local traffic, 1 as 9996 tcp for remote traffic. Both ports show as enabled in forwarding/receiving, and 9996 shows in a btool,...
View ArticleWhy does our Indexer show that the receiving port is open but OS does not?
I'm trying to have 2 receiving ports on my index cluster, 1 as 9997 for local traffic, 1 as 9996 TCP for remote traffic. Both ports show as enabled in forwarding/receiving, and 9996 shows in a btool,...
View ArticleHow do you change the SSL setting back to no SSL?
I changed the SSL setting in my local instance of Splunk. I changed it from nonsecure to secure. How do I change it back? I can't get into my local instance of Splunk Enterprise.
View ArticleHow to setup an NGINX-proxy for deployment
I am trying to configure an NGINX-proxy that will forward all requests from a Universal Forwarder to the Deploymentserver in my Splunk-cluster. I have tried to follow the examples that are available on...
View ArticleConfigure Forwarder To Connect to TCP Receiver Using SSL
Hello Everyone, I'm trying to connect multiple Windows Splunk Universal Forwarders to a TCP receiver I am running in Splunk Enterprise. I have this working without any issues making a non-SSL...
View ArticleHow do you configure forwarder to connect to TCP receiver using SSL?
Hello Everyone, I'm trying to connect multiple Windows Splunk Universal Forwarders to a TCP receiver. I am running in Splunk Enterprise. I have this working without any issues, making a non-SSL...
View ArticleHow do you build a search that gets a list of forwarders using SSL with...
Can you help me make a search/query so I can get a list of forwarders using SSL with successful connections?
View ArticleDisable verify SSL cert
Hello Splunkers, I'm attempting to use the Jira addon but am having issues with SSL verification and would like to perform the deceptively complex task of disabling certificate verification. I've seen...
View ArticleSSL and Authentication between Universal forwarder and Heavy forwarder
I am planning to use a bunch of Universal forwarders , sending logs to a group of Heavy forwarders. How do I enable SSL and Authentication between Universal forwarder and Heavy forwarder?
View ArticleHow do I enable SSL and authentication between the universal forwarder and...
I am planning to use a bunch of universal forwarders, sending logs to a group of heavy forwarders. How do I enable SSL and Authentication between universal forwarder and heavy forwarder?
View ArticleSSL Error while connecting forwarder to Indexer
Hello, I am trying to connect Splunk Forwarder 6.3.3 to Indexer 6.6.3. I am getting the below error while using ssl: ERROR TcpOutputFd - Connection to host=xx.x.xxx.xxx:9997 failed. sock_error = 0. SSL...
View ArticleWhy deployment-server can't display app of UF by handshake failure?
UF : 6.4.5 Deployment-server : 6.6.11 If I execute this in UF, it is no problem. /opt/splunkforwarder/bin/splunk display app -uri https://:8089 -auth : But if I execute this in deployment-server, below...
View ArticleWebhook SSL/HTTPS
Hi, we are developing a solution that uses timed searches to trigger a webhook to call an application API and take some action on our system. In our development environments, the app is not secured via...
View ArticleSending email via SSL/TLS using localhost
Hello all, I am attempting to get my Splunk VM to send email via SSL or TLS using the localhost settings. I want to use localhost because I do not have access to any mail relay (3rd party such as...
View ArticleSSL between forwarders and indexers
Is it possible to have index cluster tier which can support both non-ssl and ssl forwarders without running multiple instances?
View ArticleSSL Certs and verification
Hello All I have the following configuration that I would like to see work if possible. A server in the DMZ setup as a intermediary to capture logs from devices in AWS being transported over the...
View ArticleSSL Certificate In Splunk
Hi all , We are using a clustered environment. We have the SSL certificate enable, which default shipped by Splunk. They are expiring this month. I checked the web.conf file — over there SSL is...
View ArticleHow to log pre master key to SSLKEYLOGFILE
Hi there Im a IT trainee working on my final school project. For that i have a complete Splunk setup with Indexer Cluster, Search Head Cluster, Deployment Server and a HA proxy, everything running on...
View Article