8/5/2023 0 Comments Splunk server.confThis has downstream effects of what certificates Splunk will trust. The second big issue is when you change the “sslRootCAPath” setting in the nf. When enabling certain settings in this article, we will focus on the TLS settings and getting the data encrypted, similar to how the world wide web operates. The biggest being not explicitly calling out the differences between TLS and mTLS. So how do you change these certificates? It’s pretty easy, but Splunk has several nuisances you should be aware of first. Lastly, the HTTP endpoint collector (HEC) certificate should be set up and in many instances requires a third party trusted certificate (looking at you, AWS firehose).Ĭustomizing the Splunk Certificate Authority.Third is a certificate to be used for incoming data on port 9997, again not used by default. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |