Hi Splunkers.
I'm trying to integrate Bitdefender Gravityzone (Cloud) with Splunk on-premises. I have used the official documentation from the Bitdefender website:
https://www.bitdefender.com/business/support/en/77211-171475-splunk.html
but I'm stuck at the "Enable the Splunk integration" step.
In the beginning, I tried the "Enable the Splunk integration manually" method. I put everything in place and ran the command in the documentation, but ended up with an error stating that "The web server with this URL must support TLS 1.2, at least", as shown in the screenshot below:
I have reviewed the documentation again at this link:
https://www.bitdefender.com/business/support/en/77209-135319-setpusheventsettings.html
Under the "Important" note:
"Event Push Service requires the HTTP collector running on the third-party platforms to support SSL with TLS 1.2 or higher, to send events successfully."
But here is the thing: I think that HEC by default only supports TLSv1.2 despite sslVersions=*.
$ cat /opt/splunk/etc/apps/splunk_httpinput/default/inputs.conf
[http]
disabled=1
port=8088
enableSSL=1
dedicatedIoThreads=2
maxThreads = 0
maxSockets = 0
useDeploymentServer=0
# ssl settings are similar to mgmt server
sslVersions=*,-ssl2
allowSslCompression=true
allowSslRenegotiation=true
ackIdleCleanup=true
I have tried to use sslVersions=tls1.2, but nothing happened; it still shows the same issue.
Can someone please help me figure out how to solve this TLS issue?
Afterward, I tried the "Enable the Splunk integration by running a script" method. Again I put everything in place and ran the script, but ended up with an error stating that:
FAIL - server response:
<html>
<head><title>404 Not Found</title></head>
<body>
<center><h1>404 Not Found</h1></center>
<hr><center>nginx</center>
</body>
</html>
as shown in the screenshot below:
Any idea why this happens?
Many thanks.
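As an added diagnostic (not part of this thread, nor code from Bitdefender or Splunk), the following Python script checks which TLS versions the HEC port actually accepts, which is exactly what the "must support TLS 1.2, at least" error is about; the hostname is a placeholder, and it assumes Python 3.7 or newer for ssl.TLSVersion.

```python
import socket
import ssl

# Assumed placeholder for the on-premises Splunk host exposing HEC (not from the thread).
HEC_HOST = "splunk.example.internal"
HEC_PORT = 8088  # the [http] stanza's port in the default inputs.conf above

# Versions to try, oldest first. Bitdefender's Event Push Service needs TLS 1.2
# or higher on the collector, so the TLS 1.0/1.1 rows are informational only.
VERSIONS = {
    "TLSv1.0": ssl.TLSVersion.TLSv1,
    "TLSv1.1": ssl.TLSVersion.TLSv1_1,
    "TLSv1.2": ssl.TLSVersion.TLSv1_2,
    "TLSv1.3": ssl.TLSVersion.TLSv1_3,
}

def handshake(host, port, version, timeout=5.0):
    """Return True if the server completes a handshake pinned to exactly one version."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False       # only protocol support is under test here
    ctx.verify_mode = ssl.CERT_NONE  # HEC often runs on Splunk's self-signed cert
    ctx.minimum_version = version
    ctx.maximum_version = version
    try:
        with socket.create_connection((host, port), timeout=timeout) as sock:
            with ctx.wrap_socket(sock, server_hostname=host):
                return True
    except (ssl.SSLError, OSError):
        # Refused connection, timeout, or a handshake rejected by the server (or by
        # the local OpenSSL, which may itself refuse TLS 1.0/1.1).
        return False

def probe(host, port):
    """Try each TLS version in turn and report which ones the endpoint accepts."""
    return {name: handshake(host, port, ver) for name, ver in VERSIONS.items()}

def diagnose(results):
    """Turn a probe result into the next thing to check on the Splunk side."""
    if not any(results.values()):
        return "no TLS handshake at all: check that HEC is enabled (default has disabled=1), enableSSL=1, and that the port is reachable"
    if results["TLSv1.2"] or results["TLSv1.3"]:
        return "TLS 1.2+ accepted: the collector meets Bitdefender's requirement"
    return "only TLS 1.0/1.1 accepted: set sslVersions=tls1.2 in local/inputs.conf (not default/) and restart splunkd"

if __name__ == "__main__":
    res = probe(HEC_HOST, HEC_PORT)
    for name, ok in res.items():
        print(f"{name}: {'accepted' if ok else 'rejected'}")
    print(diagnose(res))
```

If every row comes back rejected while the Bitdefender console still complains, the URL it is hitting is likely not this HEC listener at all, which is also worth checking before the nginx 404 from the script method.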
Did you ever figure out this problem? I have the same issue trying to integrate Bitdefender.
Unfortunately, not yet. I have opened a case with Splunk to work on this, but the issue is still pending ☹️
I have the same error when I try to configure the event push between Splunk and BitDefender. Do you have any news about it?
Unfortunately, no answer anywhere 🥲