Security
Highlighted

How to enable TCP Data Input with SSL?

New Member

Hi

7.1.2 Splunk on Windows, I need to send log through TCP with SSL.
How can I enable TCP SSL?

Thanks
Regards

0 Karma
Highlighted

Re: How to enable TCP Data Input with SSL?

SplunkTrust
SplunkTrust

You could use tcp-ssl:port configuration in inputs.conf

[tcp-ssl:<port>]
* Use this stanza type if you are receiving encrypted, unparsed data from a
  forwarder or third-party system.
* Set <port> to the port on which the forwarder/third-party system is sending
  unparsed, encrypted data.
* To create multiple SSL inputs, you can add the following attributes to each 
[tcp-ssl:<port>] input stanza. If you do not configure a certificate in the 
port, the certificate information is pulled from the default [SSL] stanza: 
  * serverCert = <path_to_cert> 
  * sslRootCAPath = <path_to_cert> This attribute should only be added 
    if you have not configured your sslRootPath in server.conf. 
  * sslPassword = <password>
0 Karma
Highlighted

Re: How to enable TCP Data Input with SSL?

New Member

Tried this on fresh install : "Could not find config id for port ". Any thoughts ?

0 Karma