- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi there, I have two questions:
Q1: Is it possible to turn on any encryption to the indexes of a Splunk installation other than using third party file system encryption?
Q2 : What compression do the Splunk indexes use?
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Q1. What are you trying to achieve? Encryption at rest? Cryptographically signed splunk logs? Encryption at power off?
Splunk can do cryptographically signed logs - http://www.splunk.com/base/Documentation/4.2.1/Admin/Signauditevents
Crypto at power off can be handled using a crypto file system such as Luks - http://en.wikipedia.org/wiki/Linux_Unified_Key_Setup
Q2. I believe Splunk uses Zlib for compression.
- Mark as New
- Bookmark Message
- Subscribe to Message
- Mute Message
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Q1. What are you trying to achieve? Encryption at rest? Cryptographically signed splunk logs? Encryption at power off?
Splunk can do cryptographically signed logs - http://www.splunk.com/base/Documentation/4.2.1/Admin/Signauditevents
Crypto at power off can be handled using a crypto file system such as Luks - http://en.wikipedia.org/wiki/Linux_Unified_Key_Setup
Q2. I believe Splunk uses Zlib for compression.
