Security

Best practices and questions about network configurations with Splunk Enterprise in a Kubernetes environment?

chris94089
Path Finder

Greetings,

I'm working on ways to set up Splunk containers inside Kubernetes.  I wanted to ask here if anybody has ever done this, and if there are some gotchas I should know about.

I've heard that Kubernetes Ingress provides TLS, so the inside of a pod doesn't have to listen to encryption as a result.  How does this affect configuring the Splunk container?  Can features like SSL AND TLS be turned off? Does turning off encryption features in Splunk break anything? Is this even possible with Splunk Enterprise?

I apologize for the general, high-level type of question, but there's not a lot of documentation out there for this.

Thanks in advance.

Labels (2)
0 Karma
Get Updates on the Splunk Community!

.conf24 | Day 0

Hello Splunk Community! My name is Chris, and I'm based in Canberra, Australia's capital, and I travelled for ...

Enhance Security Visibility with Splunk Enterprise Security 7.1 through Threat ...

 (view in My Videos)Struggling with alert fatigue, lack of context, and prioritization around security ...

Troubleshooting the OpenTelemetry Collector

  In this tech talk, you’ll learn how to troubleshoot the OpenTelemetry collector - from checking the ...