topic Re: How to secure the HTTP-Event-Collector with SSL on Splunk Cloud? in Splunk Cloud Platform https://community.splunk.com/t5/Splunk-Cloud-Platform/How-to-secure-the-HTTP-Event-Collector-with-SSL-on-Splunk-Cloud/m-p/669569#M2641 <P>Technically, data from UF does _not_ come via HEC to Cloud but is sent with S2S protocol embedded in HTTP requests. But it does connect with HTTP protocol and needs an authentication token. Otherwise everyone could send data to your environment.</P> Thu, 23 Nov 2023 12:29:54 GMT PickleRick 2023-11-23T12:29:54Z How to secure the HTTP-Event-Collector with SSL on Splunk Cloud? https://community.splunk.com/t5/Splunk-Cloud-Platform/How-to-secure-the-HTTP-Event-Collector-with-SSL-on-Splunk-Cloud/m-p/669564#M2638 Thu, 23 Nov 2023 12:06:27 GMT https://community.splunk.com/t5/Splunk-Cloud-Platform/How-to-secure-the-HTTP-Event-Collector-with-SSL-on-Splunk-Cloud/m-p/669564#M2638 Bhart 2023-11-23T12:06:27Z Re: How to secure the HTTP-Event-Collector with SSL on Splunk Cloud? https://community.splunk.com/t5/Splunk-Cloud-Platform/How-to-secure-the-HTTP-Event-Collector-with-SSL-on-Splunk-Cloud/m-p/669567#M2639 <P>HEC inputs on Cloud are TLS-enabled by default.</P> Thu, 23 Nov 2023 12:12:29 GMT https://community.splunk.com/t5/Splunk-Cloud-Platform/How-to-secure-the-HTTP-Event-Collector-with-SSL-on-Splunk-Cloud/m-p/669567#M2639 PickleRick 2023-11-23T12:12:29Z Re: How to secure the HTTP-Event-Collector with SSL on Splunk Cloud? https://community.splunk.com/t5/Splunk-Cloud-Platform/How-to-secure-the-HTTP-Event-Collector-with-SSL-on-Splunk-Cloud/m-p/669568#M2640 <P>Thank you for the clarification. Also, may I know what the use of universal forwarder credentials is when the date comes via HEC?&nbsp;</P> Thu, 23 Nov 2023 12:20:08 GMT https://community.splunk.com/t5/Splunk-Cloud-Platform/How-to-secure-the-HTTP-Event-Collector-with-SSL-on-Splunk-Cloud/m-p/669568#M2640 Bhart 2023-11-23T12:20:08Z Re: How to secure the HTTP-Event-Collector with SSL on Splunk Cloud? https://community.splunk.com/t5/Splunk-Cloud-Platform/How-to-secure-the-HTTP-Event-Collector-with-SSL-on-Splunk-Cloud/m-p/669569#M2641 <P>Technically, data from UF does _not_ come via HEC to Cloud but is sent with S2S protocol embedded in HTTP requests. But it does connect with HTTP protocol and needs an authentication token. Otherwise everyone could send data to your environment.</P> Thu, 23 Nov 2023 12:29:54 GMT https://community.splunk.com/t5/Splunk-Cloud-Platform/How-to-secure-the-HTTP-Event-Collector-with-SSL-on-Splunk-Cloud/m-p/669569#M2641 PickleRick 2023-11-23T12:29:54Z