Getting Data In

Does Splunk Http Event Collector supports Server Name Indication (SNI)?

amshukla
New Member

We have a requirement to collect the logs using client Certs (mTLS) authentication, and we are using Splunk HTTP Event Collector Endpoint along with token and client certs to achieve this. 

So in order to achieve extension to this TLS support we would like to know is there any way to update the .conf files to support the multiple server-side certificates which can be used for Server Name Indication (SNI) by which a client indicates which hostname it is attempting to connect. 

Have someone tried a similar approach before? Also if you could give other suggestions for our solution will be much appreciated!

Thank you.

Amit R. S

Labels (1)
0 Karma
Get Updates on the Splunk Community!

Enterprise Security Content Update (ESCU) | New Releases

In January, the Splunk Threat Research Team had one release of new security content via the Splunk ES Content ...

Expert Tips from Splunk Professional Services, Ensuring Compliance, and More New ...

Splunk Lantern is a Splunk customer success center that provides advice from Splunk experts on valuable data ...

Observability Release Update: AI Assistant, AppD + Observability Cloud Integrations & ...

This month’s releases across the Splunk Observability portfolio deliver earlier detection and faster ...