We are getting some vulnerabilities for our splunk instance and to fix that we need to Add strict-transport-security header to the http responses.
We have tried adding stanza "sendStrictTransportSecurityHeader = true" to the server.conf and web.conf but the issue still persist,
Can anyone please help me on this issue
Did you set enableSplunkWebSSL ? Also, adding/changing either value requires a Splunk restart.