GM!
We currently have Splunk 7.2.3 and there is a STIG requirement to turn on the FIPS setting. According to the STIG, the only way to turn it on is to reinstall or upgrade the software. Is that correct?
If I choose to reinstall 7.2.3 without first uninstalling it, will that work? What is the Windows command to query the FIPS status on the Splunk server?
FIPS has to be enabled before starting Splunk for the first time. Enable FIPS in the config files. Furthermore, FIPS is only supported on Linux systems so there's no Windows command to query the FIPS setting. See https://docs.splunk.com/Documentation/Splunk/8.0.4/Security/SecuringSplunkEnterprisewithFIPS
Thanks for the quick response!
I am having some authentication issue. When running Splunk command in the Command Prompt, I am able to logon as admin. However, when I tried to logon using admin through the web UI, I am not able to log on at all. Also, I am not able to logon using my AD account neither. Any idea?