Getting Data In

Refresh SplunkUF Credentials Package

rainbowtiger939
Engager

I downloaded the SplunkUF Credentials Package file by following the instructions here, but I exposed it to the public internet.

I realize the package file contains an RSA public and private key pair, which I presume to be used to build the HTTPS connection between the Universal Forwarder and the Splunk Cloud instance. 

I would like to assume that this key pair is compromised and move on. Is there a way to force Splunk Cloud to generate another Credentials Package file with a new pair of keys?

Thanks for your help in advance, cheers.

Labels (1)
0 Karma
1 Solution

richgalloway
SplunkTrust
SplunkTrust

Contact Splunk Cloud support for help with that.

---
If this reply helps you, Karma would be appreciated.

View solution in original post

richgalloway
SplunkTrust
SplunkTrust

Contact Splunk Cloud support for help with that.

---
If this reply helps you, Karma would be appreciated.
Get Updates on the Splunk Community!

Enterprise Security Content Update (ESCU) | New Releases

In December, the Splunk Threat Research Team had 1 release of new security content via the Enterprise Security ...

Why am I not seeing the finding in Splunk Enterprise Security Analyst Queue?

(This is the first of a series of 2 blogs). Splunk Enterprise Security is a fantastic tool that offers robust ...

Index This | What are the 12 Days of Splunk-mas?

December 2024 Edition Hayyy Splunk Education Enthusiasts and the Eternally Curious!  We’re back with another ...