Getting Data In
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

Splunk_OPSEC_TA: how can I pull the OPSEC .p12 cert from the Check Point management server without having to use Splunk web? Are there any command line tool?

jbsplunk
Splunk Employee
Splunk Employee
‎07-03-2013 11:17 AM

I've disabled SplunkWeb on my indexers and don't really want to re-enable it just to perform this function. Is there a workaround?

Tags (1)
Reply
1 Solution
Solved! Jump to solution
Solution

Chubbybunny
Splunk Employee
Splunk Employee
‎07-03-2013 11:30 AM

this might help JB: '/opt/splunk/bin/splunk cmd ./pull-cert.sh'

for example:

[root@JAMES bin]# /opt/splunk/bin/splunk cmd ./pull-cert.sh 10.160.31.126 Splunk_JAMES support1 Splunk_JAMES_CERT_P12

The full entity sic name is:
CN=Splunk_JAMES,O=SENTINEL-ONE_Management_Server..fxugme
Certificate was created successfully and written to "../certs/Splunk_JAMES_CERT_P12".

by invoking the Splunk 'cmd' command, you can run the 'pull-cert.sh' directly.

invoke the command in the 'Splunk_TA_opseclea_linux22/bin' directory and include (in Order) the IP address of the Check Point management server, OPSEC Application name, OPSEC Application password, and CERT name. 

(\__/)
(='.'=)
(")_(")

View solution in original post

Reply
Solved! Jump to solution
Solution

Chubbybunny
Splunk Employee
Splunk Employee
‎07-03-2013 11:30 AM

this might help JB: '/opt/splunk/bin/splunk cmd ./pull-cert.sh'

for example:

[root@JAMES bin]# /opt/splunk/bin/splunk cmd ./pull-cert.sh 10.160.31.126 Splunk_JAMES support1 Splunk_JAMES_CERT_P12

The full entity sic name is:
CN=Splunk_JAMES,O=SENTINEL-ONE_Management_Server..fxugme
Certificate was created successfully and written to "../certs/Splunk_JAMES_CERT_P12".

by invoking the Splunk 'cmd' command, you can run the 'pull-cert.sh' directly.

invoke the command in the 'Splunk_TA_opseclea_linux22/bin' directory and include (in Order) the IP address of the Check Point management server, OPSEC Application name, OPSEC Application password, and CERT name. 

(\__/)
(='.'=)
(")_(")
Reply
Get Updates on the Splunk Community!

How to Monitor Google Kubernetes Engine (GKE)

We’ve looked at how to integrate Kubernetes environments with Splunk Observability Cloud, but what about ...

Index This | How can you make 45 using only 4?

October 2024 Edition Hayyy Splunk Education Enthusiasts and the Eternally Curious!  We’re back with this ...

Splunk Education Goes to Washington | Splunk GovSummit 2024

If you’re in the Washington, D.C. area, this is your opportunity to take your career and Splunk skills to the ...