×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question
YusufK
Loves-to-Learn Lots
Member since: ‎10-05-2020
‎09-16-2021
Community Statistics
Posts 2
Solutions 0
Karma Given 0
Karma Received 0
Member Since ‎10-05-2020
Activity Feed
View All

Re: Working on Securing Data with SSL between Hea...

by in Getting Data In
‎10-15-2020 04:29 PM
‎10-15-2020 04:29 PM
Hi I am looking for    Deployment Server <---> UF   For example, Server A is my Deployment Server AND Heavy Forwarder. Server B is my Deployment Client. I would like them to communicate with the default cert, and I would like searchable results in the search bar for Server B.   Thank you. ... View more

Working on Securing Data with SSL between Heavy F...

by in Getting Data In
‎10-15-2020 03:04 PM
‎10-15-2020 03:04 PM
Hi, I am having trouble attempting to get a deployment server and a deployment client to communicate and then access data through the Splunk search using SSL with Splunk default certificates. What steps would I have to go through to achieve this? So I am trying to get my deployment server A with default certs cacert.pem and server.pem in /etc/auth to communicate with Server B which also has the same default certs in /etc/auth.  I have defined the Deployment Server server.conf and inputs.conf as shown:   [sslConfig] enableSplunkdSSL = false useClientSSLCompression = true serverCert = /xxxxx/splunk/etc/auth/server.pem sslPassword = password sslRootCAPath = /xxxx/splunk/etc/auth/cacert.pem certCreateScript = genMyServerCert.sh   inputs.conf   [SSL] serverCert = /xxxx/splunk/etc/auth/server.pem password = password rootCA = /xxxx/splunk/etc/auth/cacert.pem requireClientCert = false sslVersions = tls,-ssl3   On my  Server B or Deployment Client, my server.conf is defined as [sslConfig] enableSplunkdSSL = true [default] useClientSSLCompression = true serverCert = /xxxx/splunkforwarder/etc/auth/server.pem sslPassword = password sslRootCAPath = /xxxx/splunkforwarder/etc/auth/cacert.pem certCreateScript = genMyServerCert.sh What .conf files do I need to edit and what stanzas will I need to define on the Deployment Client(server B) for them to communicate and eventually I can search Server B on my search head? Sorry if this is unclear but I will be answering any questions on what I am asking. Thank you. ... View more
Labels
Contact Me
Online Status
Offline
Date Last Visited
‎09-16-2021 04:01 PM