Deployment Architecture
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

Deployment Server Behind HTTPS Proxy

my2ndhead
SplunkTrust
SplunkTrust
‎07-15-2013 01:58 AM

Instead of having a deployment-server chain, I would like to provide access for some deployment clients through a https proxy.

I have set up an apache https proxy and I can see the initial request going through (status 200).

The second request fails with status 404: 

192.168.178.115 - - [15/Jul/2013:10:49:36 +0200] "POST /services/broker/connect/CA398386-0AEA-46D2-A0FE-021A963DB8CC/windows7/163460/windows-x64/8089 HTTP/1.0" 200 107
192.168.178.115 - - [15/Jul/2013:10:49:36 +0200] "POST /services/broker/channel/subscribe/connection_192.168.178.210_8089_splunk_windows7_CA398386-0AEA-46D2-A0FE-021A963DB8CC/tenantService%2Fhandshake%2Freply%2Fwindows7%2FCA398386-0AEA-46D2-A0FE-021A963DB8CC HTTP/1.0" 404 392

I have tried to set up Apache in both forwarding and reverse proxy mode.

Any ideas?

Tags (1)
Reply
1 Solution
Solved! Jump to solution
Solution

my2ndhead
SplunkTrust
SplunkTrust
‎05-29-2016 03:24 AM

Probably something has changed in one of the recent releases.

This nginx configuration seems to work. Not sure if it supported.

splunkd.conf:

 upstream splunkrest {
            ip_hash;
            server <mysplunkserver>:8089;
        }

    server {
            listen 8089 ssl;

            ssl_certificate     /opt/splunk/etc/auth/server.pem;
            ssl_certificate_key /opt/splunk/etc/auth/server.pem;

            location /services {
                proxy_pass https://splunkrest;

            }
        }

View solution in original post

Reply
Solved! Jump to solution
Solution

my2ndhead
SplunkTrust
SplunkTrust
‎05-29-2016 03:24 AM

Probably something has changed in one of the recent releases.

This nginx configuration seems to work. Not sure if it supported.

splunkd.conf:

 upstream splunkrest {
            ip_hash;
            server <mysplunkserver>:8089;
        }

    server {
            listen 8089 ssl;

            ssl_certificate     /opt/splunk/etc/auth/server.pem;
            ssl_certificate_key /opt/splunk/etc/auth/server.pem;

            location /services {
                proxy_pass https://splunkrest;

            }
        }
Reply
Solved! Jump to solution

nurtdi
Path Finder
‎04-27-2014 10:07 PM

I am looking for same setup info... did you find a solution?

0 Karma
Reply
Get Updates on the Splunk Community!

Building Reliable Asset and Identity Frameworks in Splunk ES

 Accurate asset and identity resolution is the backbone of security operations. Without it, alerts are ...

Cloud Monitoring Console - Unlocking Greater Visibility in SVC Usage Reporting

For Splunk Cloud customers, understanding and optimizing Splunk Virtual Compute (SVC) usage and resource ...

Automatic Discovery Part 3: Practical Use Cases

If you’ve enabled Automatic Discovery in your install of the Splunk Distribution of the OpenTelemetry ...