Community Blog
Get the latest updates on the Splunk Community, including member experiences, product education, events, and more!

Avoid Certificate Expiry Issues in Splunk Enterprise with Certificate Assist

adepp
Splunk Employee
Splunk Employee

This blog post is part 2 of 4 in a series on Splunk Assist. Click the links below to see the other blog posts.

In this blog post, we’ll dive into one of the features within Splunk Assist, called Certificate Assist.

First, What is Splunk Assist? 

(in case you missed it)

Splunk Assist is a free, cloud-connected service for Splunk Enterprise. Assist inspects your deployment for security risks, and using telemetry data sent to Splunk Cloud, provides cloud-powered insights and recommendations. 

It improves your security posture by helping identify unpatched applications, expiring TLS certificates, and insecure configuration settings. With Splunk Assist you’ll be given recommendations that you can act on immediately to make your deployment even more secure. Based on our initial estimates, the insights and recommendations in Assist may also help reduce admins’ efforts spent on platform management tasks by 25%.

What is Certificate Assist?

Certificate Assist allows you to identify and mitigate certificate expiry issues. Remember those hundreds and thousands of forwarders that you have to manage and track certs for? No more! 

Assist scans for TLS certificates in use with a Splunk deployment across all node types, including search heads, indexers, and forwarders. Assist will not only keep track of the expiry date for you but will also warn you and tell you exactly which node has the expired certifications. 

Admins can now easily assess and address issues related to certificates before they expire and prevent outages or missing data. 

The Certificate Assist overview page lists warnings of certification expiries with suggested actions to take. It displays a ranked order list of certification issues based on the closest expiration date. From here, you can also view and export a list of SSL certificates due to expire soon. See below for a screenshot of what the Certificate Assist page view looks like:

adepp_0-1669761431440.png

The benefit of Certificate Assist is that you proactively avoid the pain of losing connectivity when certificates expire.

Additional Resources:

Questions or feedback? Contact the team at ssg-splunk-assist@splunk.com.

— Baylie Depp, Product Marketing Manager

Get Updates on the Splunk Community!

Announcing the 1st Round Champion’s Tribute Winners of the Great Resilience Quest

We are happy to announce the 20 lucky questers who are selected to be the first round of Champion's Tribute ...

We’ve Got Education Validation!

Are you feeling it? All the career-boosting benefits of up-skilling with Splunk? It’s not just a feeling, it's ...

What’s New in Splunk Cloud Platform 9.1.2308?

Hi Splunky people! We are excited to share the newest updates in Splunk Cloud Platform 9.1.2308! Analysts can ...