Splunk Add-on for Kafka : jmx.log - How to resolve JMX server error "Error...
I have enabled JMX on Kafka cluster without SSL or no credential is required. But I still below errors in jmx.log com.splunk.modinput.ModularInput -0 [main] ERROR - Error executing modular input :...
View ArticleHow to configure Splunk to use a custom CA SSL certificate for all Splunkd...
Hello Fellow Splunkers, I am about to lose my mind! At one time I was able to configure Splunk to use a custom CA cert for all splunkd traffic. Now I cannot, no matter what I do/try/wish/pray for. Let...
View ArticleIs it possible to configure a SSL Splunk server to be the License Master of a...
Hi All, So I setup a stand alone Splunk Environment and the choice was made to bind it with SSL. So we have https://BoxA that has all the roles. We now have a brand new box that we would like to use as...
View ArticleWhat protocol is used for the SSL connection between the Splunk forwarder and...
I would like to know what protocols / ciphers are used for the ssl connection. Is it SSLv3, TLS1.0, TLS1.1 or TLS1.2? Is that determined by the OS or Splunk?
View ArticleWhen trying to create a self-sign certificate, why am I receiving "unknown...
Using Splunk 6.5.1 on Windows Server 2012 R2. Pretty standard installation, one server with Splunk installed on the D drive and a bunch of forwarders. I'm trying to generate a self-signed certificate...
View ArticleHow to change the web management certificate?
I'd like to change the certificate used by Splunk to my own self-signed. I've found docs on generating via OpenSSL, but I'm not sure where they go.
View ArticleFound a SSLv3 "POODLE" vulnerability on Universal Forwarder 6.4.2. How to...
We just found SSLv3 "POODLE" vulnerability alerts from our IPS system. And our Splunk Universal Forwarder is in 6.4.2. I thought the SSLv3 POODLE issue only appear at Splunk version earlier than 6.3?...
View ArticleCan we configure the forwarders to use SFTP for transferring the files?
Can we configure the forwarders to use SFTP for transferring the files? If not is there any way to encrypt data by Universal Forwarder (UF)? Does UF support SSL?
View ArticleCan we configure some Universal Forwarders to forward data to port 9998 with...
Can we configure some Universal Forwarders to forward data to port 9998 with SSL on indexers and the remaining Universal Forwarders to forward data to port 9997 without SSL on same indexers? If yes,...
View ArticleReceiving SSL data into a forwarder - ISAM9 request_syslogs to Splunk forwarder
IBM Security Access Manager v9 build 9.0.1.0 * There is a bug which doesn't allow syslog to be sent of UDP, but TLS-TCP works. The bug is fixed in 9.0.2.0 On the **ISAM9** side, within the proxy I have...
View ArticleUnable to establish SSL connection. error when attempting to wget Splunk rpm.
I am trying to upgrade one of our Splunk servers from 6.5.1 to 6.5.2. The way we usually do this is wget to get the rpm file, but when I run: sudo wget -O splunk-6.5.2-67571ef4b87d-linux-2.6-x86_64.rpm...
View ArticleWhen trying to upgrade to 6.5.2, why am I unable to establish SSL connection...
I am trying to upgrade one of our Splunk servers from 6.5.1 to 6.5.2. The way we usually do this is wget to get the rpm file, but when I run: sudo wget -O splunk-6.5.2-67571ef4b87d-linux-2.6-x86_64.rpm...
View ArticleAfter enabling HTTPS on Splunk Web, why am I getting this error "Socket...
I'm trying to enable https to Splunk Web. It appears easy and OK to have it enabled but once it is done, splunkd.log generates this error every 5 seconds. Why am I getting this? 01-31-2017 08:48:30.127...
View ArticleSplunk Add-on for Okta: Why does Splunk not accept SSL certificate?
Splunk Add-on for Okta API fails from SSL error. Probably due to a proxy changing the certs on the way back in. Splunk does not trust this different cert. I've seen similar problems floating around the...
View Articlesecurity - ssl rest api not closed on /dev/zero stream input
If you run the command openssl s_client -connect ip:port < /dev/zero 2>&1 towards the rest api (port 8089) with ssl enabled, the tcp connection stays up forever after ssl handshake is done....
View ArticleAfter replacing the default SSL certificate, why do I receive "ERROR...
Hello Folks, I just replaced Splunk default SSL certificate with our own SSL certificate. Post installation of new SSL certificate my Unix forwarders seems working fine but Windows forwarder gives...
View ArticleHas anyone been able to get Splunk Web settings that do not trigger browser...
Has anyone been able to get Splunk Web settings that do not trigger these browser reports? web.conf [settings] enableSplunkWebSSL = 1 cipherSuite = TLSv1.2:!eNULL:!aNULL:!SHA1 supportSSLV3Only = False...
View ArticleWhy does using the HTTP Event Collector from C# WCF service fail with SSL...
hi there, I am using the Splunk Light Cloud service under trial mode to test and make sure i can do what i want with Splunk before purchasing. if i create a standalone C# program to pump events to...
View ArticleHow can you encrypt Indexers to use a specific SSL protocol over ports...
This post is to help others who may have difficulties encrypting their indexers(data) to only respond to highest SSL protocols via specific ports. A customer I was working with wanted to configure her...
View ArticleSSL "obsolete key" warning in chrome browser
Has anyone been able to get Splunk Web settings that do not trigger these browser reports? web.conf [settings] enableSplunkWebSSL = 1 cipherSuite = TLSv1.2:!eNULL:!aNULL:!SHA1 supportSSLV3Only = False...
View Article