i have to say this is not working with Splunk 7.0.0 enterprise search head cluster.
we have set up ELB in front of the search head nodes. ELB is listening on port 443 and forward to port 8000 on backend search head.
I did some test and found that if you try to access HTTPS, the backend will do a 303 redirect to HTTP. For example, if you access https://splunk.example.com, backend server will 303 redirect it to http://splunk.example.com. So if the ELB has no port 80 listener, it will failed with timed out. If the ELB has port 80 listener, eventually you will be redirected to HTTP url. Then, there's nothing happening with HTTPS, it was just skipped and ignored.
I really don't understand why backend search head server do a 303 redirect on HTTPS request and there were a lot of discussion but none of them giving a solution, all ended up with nothing.
Please, someone who had same issue here, post your answer here. Splunk has a really bad community ecosystem compared to AWS. Hope some expert can help here.
... View more