All Apps and Add-ons

How to integrate Bitdefender Gravityzone Event Push Service SSL with TLS 1.2 or higher?

Path Finder

Hi Splunkers.

I'm trying to integrate Bitdefender Gravityzone (Cloud) with Splunk on-premises, I have used the official documentation from the Bitdefender website:

but I'm stuck in the "Enable the Splunk integration" step;

In the beginning, I have tried using the "Enable the Splunk integration manually" method,  I have put everything in place and run the command in the documentation, but ended up with an error stating that "The web server with this URL must support TLS 1.2, at least" as shown in the below screenshot:


I have reviewed the documenting again in this link:

Under the "Important" note:
"Event Push Service requires the HTTP collector running on the third-party platforms to support SSL with TLS 1.2 or higher, to send events successfully."

But here is the thing, I think that HEC by default only supports TLSv1.2 despite sslVersions=*


$ cat /opt/splunk/etc/apps/splunk_httpinput/default/inputs.conf
maxThreads = 0
maxSockets = 0
# ssl settings are similar to mgmt server


I have tried to use:
sslVersions=tls1.2 but nothing happened, it still shows the same issue.

Can someone please help me figure out how to solve this TLS issue?

Afterward, I have tried to use the "Enable the Splunk integration by running a script" method, aging I have put everything in place and run the script, but ended up with an error stating that:


FAIL - server response:
<head><title>404 Not Found</title></head>
<center><h1>404 Not Found</h1></center>


as shown in the below screenshot:


Any Idea why this happens?

Much thanks.

Labels (3)
Tags (2)
0 Karma

New Member

Did you ever figure out this problem? I have the same issue trying to integrate Bitdefender. 

0 Karma

Path Finder

Unfortunately, not yet, I have opened a case with Splunk to work on this but still, the issue is pending ☹️

0 Karma

New Member

I've the same error when i try to configure the event push between Splunk and BitDefender. Have you any news about it?

0 Karma

Path Finder

Unfortunately no answer anywhere 🥲

0 Karma
Get Updates on the Splunk Community!

Don't wait! Accept the Mission Possible: Splunk Adoption Challenge Now and Win ...

Attention everyone! We have exciting news to share! We are recruiting new members for the Mission Possible: ...

Unify Your SecOps with Splunk Mission Control

In today’s post, I'm excited to share some recent Splunk Mission Control innovations. With Splunk Mission ...

Data Preparation Made Easy: SPL2 for Edge Processor

By now, you may have heard the exciting news that Edge Processor, the easy-to-use Splunk data preparation tool ...