Security

SSL Communication between Splunk Indexers and UF/HF

sankaraniyan1
Explorer

Hi All,

   I have a weird requirement here but maybe some expert help might be showered .

I have a set of 800+ agents distributed across 3 Data center ( 1 primary DC and 2 secondary DC) and  client expects us to use SSL communication between the Datacenter. I use a Heavy Forwarder ( HF) at those 2 secondary DC to do some custom monitoring .

I have the solution finalized, with Indexer cluster and SH  to be at Primary DC.  I am planning to use a single indexer cluster to receive data from all forwarders. Now I am looking at following query i have.

1) Can i have my Universal forwarders in the primary DC talk without SSL certificates, while communication from UF agents in other DC is with SSL ?

2) Can i have the UF's in secondary DC talk to the HF in secondary DC without SSL and Data from HF's forwarder to Indexer over SSL.

  Basically can I configure SSL and non SSL communication in a single set of Indexer cluster ?

 

SKR..

Labels (3)
0 Karma
Get Updates on the Splunk Community!

App Building 101 - Build Your First App!

WATCH RECORDING NOW   Tech Talk: App Dev Edition Splunk has tons of out-of-the-box functionality, and you’ve ...

Introducing support for Amazon Data Firehose in Splunk Edge Processor

We’re excited to announce a powerful update to Splunk Data Management with added support for Amazon Data ...

The Observability Round-Up: September 2024

What’s up Splunk Community! Welcome to the latest edition of the Observability Round-Up, a monthly series in ...