Hello! I rolled back the SIEM Integration add-on version to 1.4.15 and it worked. You still need to add the akamai certificate to your JRE's cacerts (I'm using 1.9) and see if your Splunk accesses the AKAMAI endpoint URL. Hope this helps! Add-on url: Akamai SIEM Integration | Splunkbase Session Version History Access the host url using browser (like https://akab-xxxxxx.luna.akamaiapis.nt) and dowload the certificate. Follow the procedure to input the certificate inside cacerts. My example: keytool --importcert -keystore /usr/lib/jvm/java-1.8.0-openjdk-1.8.0.352.b08-2.el8_7.x86_64/jre/lib/security/cacerts -storepass changeit -file /opt/splunk/etc/auth/mycert/root.crt -alias "rhel-root" Regardless of the JRE version, or cacerts will always be in xxxxx/jre/lib/security/cacerts
... View more