All Apps and Add-ons
cancel
Turn on suggestions
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

Does Website Monitoring app work with FIPS 140-2 mode?

digituel
New Member
‎12-12-2016 01:38 PM

Do you know if the Website Monitoring app works with FIPS mode enabled for Splunk? The monitor worked fine until I enabled FIPS mode in Splunk. At the point FIPS was enabled, the monitor stopped logging monitors.

Website Monitoring stops working when FIPS mode is enabled

Tags (2)
0 Karma
Reply

LukeMurphey
Champion
‎12-17-2016 06:54 PM

The app generates hashes of the content which is likely failing (one of them is MD5). I believe I can make the work by disabling the hashes that are non-compliant with FIPS mode (i.e. including SHA hashes only).

I opened a ticket for this: http://lukemurphey.net/issues/1656

0 Karma
Reply

khinchliff_splu
Splunk Employee
Splunk Employee
‎12-13-2016 06:43 AM

According to the docs: "The FIPS module disables the use of some cryptographic algorithms in the instance of Python that Splunk software uses to run apps (such as md5 and rc4)" - if the app uses them then it is not compatible with FIPS mode.

As an aside, usually you need to enable FIPS mode at install time, rather than enabling it later.

0 Karma
Reply

khinchliff_splu
Splunk Employee
Splunk Employee
‎12-13-2016 07:01 AM

To elaborate... I believe that the certificates generated in FIPS mode are different, so FIPS mode should be enabled before the first startup. Enabling later may cause data not to be sent between your Splunk servers as the certificates will not be valid, you should see errors in splunkd.log.

0 Karma
Reply
Get Updates on the Splunk Community!

Announcing the Expansion of the Splunk Academic Alliance Program

The Splunk Community is more than just an online forum — it’s a network of passionate users, administrators, ...

Learn Splunk Insider Insights, Do More With Gen AI, & Find 20+ New Use Cases You Can ...

Splunk Lantern is a Splunk customer success center that provides advice from Splunk experts on valuable data ...

Buttercup Games: Further Dashboarding Techniques (Part 7)

This series of blogs assumes you have already completed the Splunk Enterprise Search Tutorial as it uses the ...
Top