Installation
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

Why is this unknown protocol found in indexer from Windows Universal Forwarder: SSL23_GET_CLIENT_HELLO?

td-security
Observer
‎01-09-2023 12:19 AM

I install UF 8.2.4 for Windows and using default pem and CA certificate, I tried to connect UF to the indexer. However, the eventlog information cannot be sent to indexer with the error 

ERROR TcpInputProc - Error encountered for connection from src=192.168.xx.xxx:65251. error:140760FC:SSL routines:SSL23_GET_CLIENT_HELLO:unknown protocol

I search thru the /opt/splunk/var/log/splunk/splunkd.log and not much information can be found. How can I get more detail info to troubleshoot the problem ?

 

Labels (3)
Tags (1)
0 Karma
Reply
Get Updates on the Splunk Community!

Don't wait! Accept the Mission Possible: Splunk Adoption Challenge Now and Win ...

Attention everyone! We have exciting news to share! We are recruiting new members for the Mission Possible: ...

Unify Your SecOps with Splunk Mission Control

In today’s post, I'm excited to share some recent Splunk Mission Control innovations. With Splunk Mission ...

Data Preparation Made Easy: SPL2 for Edge Processor

By now, you may have heard the exciting news that Edge Processor, the easy-to-use Splunk data preparation tool ...