Solved: DNS error when logging in to Splunk SOAR instance ...

sschimper · ‎11-04-2022

Hi,

I have a simple AWS environment, and want to create an EC2 instance with the Splunk SOAR (On-premises) AMI from the Amazon Marketplace running on it.

I am following these instructions from the Splunk Docs.

The issue I am facing is that when I attempt to log in to the deployed SOAR instance (after giving it 20 mins to initialise), I receive an DNS error as shown on the screenshot below. I am using the public IP address from the AWS console.

Has someone an idea? Thanks in advance for your help and support!

sschimper · ‎11-21-2022

I fixed the issue. I was connecting to the web interface via HTTP and it should have been HTTPS. I guess, I automatically assumed it would be the same as with the Splunk Enterprise AMI, since it doesn't have HTTPS enabled by default.

View solution in original post

sschimper · ‎11-21-2022

I fixed the issue. I was connecting to the web interface via HTTP and it should have been HTTPS. I guess, I automatically assumed it would be the same as with the Splunk Enterprise AMI, since it doesn't have HTTPS enabled by default.

DNS error when logging in to Splunk SOAR instance deployed on an AWS EC2 instance

using SOAR ⁄ Phantom

Extending Observability Content to Splunk Cloud

More Control Over Your Monitoring Costs with Archived Metrics!

New in Observability Cloud - Explicit Bucket Histograms