Installation

SSL Installation + KV Store error

chaitali_1994
Engager

I have a distributed environment where the Splunk instances are clustered and the version  I am using is 6.6.3. The server certificates are expired and there is no SSL communication enabled between Splunk servers. I have few queries:

1. How to enable the SSL communication?

2. How expired server certs are  going to impact  my Splunk environment?

3. How to know from the existing configurations, if there is any SSL communication between Splunk instances?

4. How can I resolve this error:

a. KV store changed its status to failed. KV store process terminated.

b. Failed to start KV store process. See mongod.log and splunkd.log for details.

c. KV store process terminated abnormally(exit code 14, status exited with code 14)

Labels (1)
0 Karma

aasabatini
Contributor

Hi @chaitali_1994 

as for certificates, you should upgrade splunk versions to be able to use unexpired certificates

how to use certificates you can follow this link:

https://docs.splunk.com/Documentation/Splunk/8.1.3/Security/ConfigureSplunkforwardingtousethedefault...

 

and for your kvstore error I suggest to  backup and resync your collection.

https://docs.splunk.com/Documentation/Splunk/8.0.1/Admin/BackupKVstore

https://docs.splunk.com/Documentation/Splunk/8.0.1/Admin/BackupKVstore

karma point or solution confirmation is appreciated