New Member

Hi there,
The documentation for SDK suggests it is built on SPLUNK REST API, which means it should be HTTPS by default. We have tried using WireShark to check if the messages sent by our c# dotnet application to SPLUNK Indexer were encrypted or not; but we found encryption is not happening. So my question is if we need to force SSL for all incoming connections to the Indexer via some configuration settings. Please assist. Thanks.

Tags (4)
0 Karma


By default the splunkd port (8089) that's used for all REST calls will only accept SSL encrypted connections. SSL can be disabled, but that's generally not recommended and is not the default setting. Which port are you seeing this unencrypted traffic on?

0 Karma

Splunk Employee
Splunk Employee

Sounds to me like they are forwarding i.e., sending messages to an indexer.

0 Karma
Get Updates on the Splunk Community!

What’s new on Splunk Lantern in August

This month’s Splunk Lantern update gives you the low-down on all of the articles we’ve published over the past ...

Welcome to the Future of Data Search & Exploration

You have more data coming at you than ever before. Over the next five years, the total amount of digital data ...

This Week's Community Digest - Splunk Community Happenings [8.3.22]

Get the latest news and updates from the Splunk Community here! News From Splunk Answers ✍️ Splunk Answers is ...