Hi @Paaattt Are you using Splunk Cloud as your destination? If so you'll need to download the UF app download package which will contain your certificates, and if not you'll need to gather them fro...
See more...
Hi @Paaattt Are you using Splunk Cloud as your destination? If so you'll need to download the UF app download package which will contain your certificates, and if not you'll need to gather them from your Splunk Enterprise deployment (the location may depend on your setup). Kiteworks requires separate files for the server certificate, intermediate certificate, root certificate, and private key for TLS setup. Typically for Splunk we combine these in a single PEM file, but Kiteworks needs them as distinct files. Obtain your Splunk PEM certs, this would be inside the UF forwarder app if you're using Splunk Cloud. Split out the certs/keys into individual certificates (server, intermediate, root) and the private key in separate files. Verify that the certificates are in the correct format (PEM) and the private key is in RSA format Once you have these files you should be able to upload these to KiteWorks which will then hopefully allow you to enable to output to Splunk. Please let me know how you get on and consider adding karma to this or any other answer if it has helped. Regards Will