×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
Ask a Question
Christoph_vW
Engager
Member since: ‎01-27-2024
‎02-05-2026
Community Statistics
Posts 2
Solutions 1
Karma Given 0
Karma Received 1
Member Since ‎01-27-2024
Topics I've Started
No posts to display.
View All

Re: Splunk Add-on for AWS from 5.0 to 7.3 facing s...

by in All Apps and Add-ons
‎01-27-2024 04:50 AM
‎01-27-2024 04:50 AM
try the following:   edit your /etc/systemd/system/Splunkd.service in the [Service] section add the following two lines: Environment=REQUESTS_CA_BUNDLE=/etc/ssl/ca-bundle.pem Environment=SSL_CERT_FILE=/etc/ssl/ca-bundle.pem Replace /etc/ssl/ca-bundle.pem with the path to your CA bundle with your own certificate (or keep the path and add your ca certificates to the linux os truststore)   Python standard libs (httplib,urlib3) will use the CA trust bundle specified in SSL_CERT_FILE and the requests library will use REQUESTS_CA_BUNDLE. ... View more

Re: Error when trying to configure Splunk Security...

by in All Apps and Add-ons
‎01-27-2024 01:59 AM
1 Karma
‎01-27-2024 01:59 AM
1 Karma
Proper Solution: edit your /etc/systemd/system/Splunkd.service in the [Service] section add the following two lines: Environment=REQUESTS_CA_BUNDLE=/etc/ssl/ca-bundle.pem Environment=SSL_CERT_FILE=/etc/ssl/ca-bundle.pem Replace /etc/ssl/ca-bundle.pem with the path to your CA bundle with your own certificate (or keep the path and add your ca certificates to the linux os truststore)   Python standard libs (httplib,urlib3) will use the CA trust bundle specified in SSL_CERT_FILE and the requests library will use REQUESTS_CA_BUNDLE.   One problem left: Splunk will often connect by IP adress instead of using proper hostnames. For Security Essentials you might have two options (I verified the first): -include IP 127.0.0.1 in the certificate of the Search Head or -in web.conf set mgmtHostPort =<SPLUNK-SEARCH-HEAD-FQDN>:8089 (Security Essentials will read this property in bin/sse_id_enrichment.py and will use it for the connection)     ... View more
Contact Me
Online Status
Offline
Date Last Visited
‎02-05-2026 06:15 AM
Karma from
View All