Thank you for the response. After adding the key to the UF, I am seeing another error on my forwarder. streamfwd.log is outputting this error:
stream.SnifferReactor - SSL decryption error (cipher suite not decryptable) (ssl) [c=126.96.36.199:4158, s=172.29.2.115:443]
The key is in RSA format. I can't seem to find any other additional documentation on this issue.
... View more
I am having issues monitoring wire traffic on port 443 (HTTPS). I am successfully monitoring on port 80 (HTTP), however I am unsure of the additional configurations needed for HTTPS to work properly.
I have installed the Stream app on a deployment server, which has successfully distributed the app to the universal forwarder. The universal forwarder is located on the web server. While parsing the documentation, I'm confused about which configurations to use and where to put them for HTTPS traffic. Has anyone else done this successfully? I haven't been able to find any specific documentation or Splunk answers for this issue. Any advice or direction on which configurations are needed for monitoring HTTPS on port 443 is appreciated.
I've noticed there is no https stream type, is this because it is included in the http one?
I am currently running Splunk 6.4.1 and Stream 6.6.1,Hello,
Thanks for any assistance.
... View more