What are the effects on a distributed deployment if I disable ssl on port 8089?
To engineer one of my DATA sources using the REST API, I have to disable HTTPS in server.conf. Could any splunk-ers tell me, what are, if any, the effects on Splunkd and my deployment process? I...
View ArticleIs the process different for creating SSL certificates for receiving vs for...
I'm trying to set up new Splunk indexers to replace our older ones. I want to set them up similarly to the old indexers where splunkweb is secured, but also the indexers receive forwarder traffic via...
View ArticleSplunk certificates required for 3rd Party Application?
I am making a 3rd party application using Splunk API . I noticed that in server.conf, by toggling the enableSplunkdSSL to true or false secure or unsecure the splunkd port. However, I am not at all...
View ArticleHow to access https management port from my application when...
I am making a call from a node to a Splunk instance i.e. 8089 port which is running by default on https protocol and uses Splunk Default Certfiicate. So when I make changes to enableSplunkdSSL = false,...
View ArticleHow to configure a Splunk 6.2.3 search head cluster behind an AWS Elastic...
We are running 6.2.3 and are using search head clustering. We would like to use an AWS ELB to terminate SSL, and then send the data to port 8000 on the search head nodes. The problem is that Splunk Web...
View ArticleCustom SSL certificate for deployment server SSLCommonNameToCheck
I am trying to troubleshoot where my issue lies in implementing my own SSL certificates to secure the deployment server to client configuration. DS server.conf: [sslConfig] caCertFile = cacert.crt...
View ArticleSplunk Support for Active Directory: "SSLError at...
Hello, I am attempting to configure SA-ldapsearch on our Splunk 6.3.1 cluster with search head cluster. I have installed SA-Ldapsearch on the deployer and pushed the bundle, no issue there. I am...
View ArticleMobile Access to a SearchHead with own SSL Certificate
Hey, i have a SearchHead in the DMZ for the access with the Splunk Mobile App, connecting to the Management Port 8089. Now I would like to install my own ssl certificates. Do I have to configure this...
View ArticleSplunk Mobile App: How to configure Mobile Access to a Search Head with own...
Hey, I have a Search Head in the DMZ for the access with the Splunk Mobile App, connecting to the Management Port 8089. Now I would like to install my own ssl certificates. Do I have to configure this...
View ArticleSplunk Support for Active Directory 2.1.1: KeyError at...
I'm trying to configure version 2.1.1 of the app Splunk Support for Active Directory and I get this error when trying to use it or test the connection. I am using Splunk version 6.3, and I have tried...
View ArticleSplunk Support for Active Directory 2.11: KeyError at...
I'm trying to configure version 2.1.1 of the app Splunk Support for Active Directory and I get this error when trying to use it or test the connection. I am using Splunk version 6.3, and I have tried...
View ArticleHow do I read SSL Certificates from Custom Folder?
I tried to get my indexer and forwarders communicating using SSL by following [this][1] guide. However, I found that I couldn't get it working without just throwing all of the certificates into auth...
View ArticleHow to troubleshoot "Splunkd daemon is not responding...the handshake...
Hi All, Since about 2 months ago, our **Splunk 6.0** deployment started encountering these errors out of nowhere on a frequent basis. It is causing us much distress because a reboot is always needed to...
View ArticleWhy are third-party certs getting deleted out of the...
Anyone know what would cause all the certs to be deleted out of the `$SPLUNK_HOME/etc/auth/Certs` directory? Must they be put in auth?
View ArticleIs there a limitation with the ssl version allowed for the Splunk ODBC driver?
I was attempting to get the ODBC driver working in my environment. I set up the instance according to the documentation, although I found the documentation lacking for the certs assigned in...
View Articleneed help with SSL certificates
Hi , littel confused with SSL certificate types i got an PFX file (wildcard certificate) and i want to insert certificate to Splunkweb i read here:...
View ArticleWhy am I seeing "DistributedPeerManagerHeartbeat - Unable to get server info...
I have seen a few other questions similar to this one, but not exactly, and the solutions do not work. In my cluster master log, I am seeing the following error repeatedly: 01-08-2016 23:37:42.853...
View ArticleConnection problems with Universal Forwarder for Linux ARM and Splunk Cloud...
Hi everyone, I am currently trying to run the Universal Forwarder for Linux ARM on a Raspberry Pi 2 Model B with an arch linux installed. I want to forward the data to Splunk Cloud, however, I'm having...
View ArticleWhy am I getting heavy forwarder error "TcpInputConfig - SSL server...
I need to send data from a security appliance to a Splunk Heavy Forwarder on a listening port using TCP-TLS. Getting the errors below everytime in opt/splunk/var/log/splunk/splunkd.log that Splunk is...
View ArticleWhy are syslog events sent over TCP-SSL not human readable, but works fine...
Trying to get syslog sent using SSL. Port 1468 without SSL is working fine. Port 6514 is receiving syslog events, but not human readable. [tcp://1468] connection_host = dns sourcetype = syslog...
View Article