Splunk Enterprise Security

Check secure communication establish between search head and indexer

Path Finder

Hi Experts,

I am new in Splunk, especially in a Splunk distributed environment creation.
For enable SSL on splunkWeb , I modified the local copy of web.conf file ( https://docs.splunk.com/Documentation/Splunk/7.3.1/Admin/Webconf ), and its perfectly working fine.

But to establish secure communication between in Search Head and Indexer , I modified Input.conf file

https://docs.splunk.com/Documentation/Splunk/7.3.1/Security/ConfigureSplunkforwardingtousethedefault...

Is there any way to verify the communication between Indexers and search heads are secure?
(Using any CLI command or any other way) . I want to verify it before installing any splunk app.

0 Karma

SplunkTrust
SplunkTrust

The communication between SH and Indexers is SSL/encrypted by default. You don't need to do anything unless you want to change the default certs. https://docs.splunk.com/Documentation/Splunk/7.3.1/Security/Securingdistributedsearchheadsandpeers

0 Karma