Getting Data In
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

Can SSL be configured when sending data to Universal Forwarder through TCP connection from an external source?

ankithreddy777
Contributor
‎03-17-2017 01:36 PM

Hi,
Data is sent to Splunk Universal Forwarder (UF) through the TCP connection. From UF, data is forwarded to indexers. As we know SSL is supported by Splunk when Data is sent to Indexers. But can SSL be configured when sending data to Splunk UF through TCP connection from an external source?

0 Karma
Reply

gjanders
SplunkTrust
SplunkTrust
‎03-17-2017 03:24 PM

As per Get data from TCP and UDP ports refer to :

Configure a TCP input over SSL

[tcp-ssl:]

Use this stanza type if you receive
encrypted, unparsed data from a
forwarder or third-party system. Set
to the port on which the
forwarder or third-party system is
sending unparsed, encrypted data.

So yes the universal forwarder can use a tcp-ssl stanza to receive encrypted SSL traffic as a listener...

-
Alerts for Splunk Admins, Version Control for Splunk, Decrypt2 VersionControl For SplunkCloud
0 Karma
Reply
Get Updates on the Splunk Community!

Earn a $35 Gift Card for Answering our Splunk Admins & App Developer Survey

Survey for Splunk Admins and App Developers is open now! | Earn a $35 gift card!      Hello there,  Splunk ...

Continuing Innovation & New Integrations Unlock Full Stack Observability For Your ...

You’ve probably heard the latest about AppDynamics joining the Splunk Observability portfolio, deepening our ...

Monitoring Amazon Elastic Kubernetes Service (EKS)

As we’ve seen, integrating Kubernetes environments with Splunk Observability Cloud is a quick and easy way to ...