Security

Splunk findout openssl version used

gowthammahes
Path Finder

HI,

Currently I am using splunk version of Version:8.1.2. And i would like to know the openssl version which is used in splunk version. So i ran 2 commands to know the openssl version but i am getting 2 different results from that commands.

so which one do i need to consider???

1. splunk@splunkidx$ ./splunk/bin/splunk cmd openssl version
OpenSSL 1.0.2w-fips 9 Sep 2020

2.splunk@splunkidx$ openssl version
OpenSSL 1.1.1k FIPS 25 Mar 2021

 

Labels (1)
0 Karma
1 Solution

somesoni2
SplunkTrust
SplunkTrust

The first command give version of openssl that ships with Splunk. The second command gives openssl version installed by OS, hence the difference.

View solution in original post

sysadminorc
New Member

My testing shows Splunkforwarder 9.0.1 isn't running the vulnerable OpenSSL 3.0

[root@localhost opt]# export LD_LIBRARY_PATH=/opt/splunkforwarder/lib
[root@localhost opt]# /opt/splunkforwarder/bin/openssl version
WARNING: can't open config file: /opt/splunk-home/openssl/openssl.cnf
OpenSSL 1.0.2zf-fips 21 Jun 2022 

 

0 Karma

somesoni2
SplunkTrust
SplunkTrust

The first command give version of openssl that ships with Splunk. The second command gives openssl version installed by OS, hence the difference.

Get Updates on the Splunk Community!

Index This | I am a number, but when you add ‘G’ to me, I go away. What number am I?

March 2024 Edition Hayyy Splunk Education Enthusiasts and the Eternally Curious!  We’re back with another ...

What’s New in Splunk App for PCI Compliance 5.3.1?

The Splunk App for PCI Compliance allows customers to extend the power of their existing Splunk solution with ...

Extending Observability Content to Splunk Cloud

Register to join us !   In this Extending Observability Content to Splunk Cloud Tech Talk, you'll see how to ...