Getting Data In
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

Do we have to enable/configure SSL on our 6.4.3 UFs before we upgrade to 7.1.2?

Branden
Builder
‎08-02-2018 02:32 PM

We are upgrading our Splunk Indexer from 6.4.3 to 7.1.2 (via 6.5). Our forwarders are running a mixture of 6.2.4 and 6.4.3 and are NOT using SSL.
Then I noticed this compatibility matrix for the UFs: http://docs.splunk.com/Documentation/Forwarder/7.1.2/Forwarder/Compatibilitybetweenforwardersandinde...

If I read this correctly, does this mean we must enable/configure SSL on our 6.4.3 UFs before we upgrade? Or will we still be able to send data to the 7.1.2 indexer without SSL from the older UFs?

Thanks!

0 Karma
Reply
1 Solution
Solved! Jump to solution
Solution

jtacy
Builder
‎08-02-2018 03:01 PM

Non-SSL forwarding is still supported but if you do decide to use SSL at some point, you'll have to work out the version/cipher compatibility between UF and Indexer. Your configuration should work just fine the way it is.

If your UFs are configured as deployment clients and you're updating your Deployment Server, consider that the SSL/TLS config for the management port in 6.6+ is affected by the version/cipher changes and you'll need to work out a solution for that. The Known Issues page at http://docs.splunk.com/Documentation/Splunk/7.1.2/ReleaseNotes/KnownIssues suggests some configurations you could use on the server side to support legacy clients.

View solution in original post

Reply
Solved! Jump to solution
Solution

jtacy
Builder
‎08-02-2018 03:01 PM

Non-SSL forwarding is still supported but if you do decide to use SSL at some point, you'll have to work out the version/cipher compatibility between UF and Indexer. Your configuration should work just fine the way it is.

If your UFs are configured as deployment clients and you're updating your Deployment Server, consider that the SSL/TLS config for the management port in 6.6+ is affected by the version/cipher changes and you'll need to work out a solution for that. The Known Issues page at http://docs.splunk.com/Documentation/Splunk/7.1.2/ReleaseNotes/KnownIssues suggests some configurations you could use on the server side to support legacy clients.

Reply
Get Updates on the Splunk Community!

How to Monitor Google Kubernetes Engine (GKE)

We’ve looked at how to integrate Kubernetes environments with Splunk Observability Cloud, but what about ...

Index This | How can you make 45 using only 4?

October 2024 Edition Hayyy Splunk Education Enthusiasts and the Eternally Curious!  We’re back with this ...

Splunk Education Goes to Washington | Splunk GovSummit 2024

If you’re in the Washington, D.C. area, this is your opportunity to take your career and Splunk skills to the ...