Getting Data In
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

About version difference between UF and SH.

oda
Communicator
‎02-19-2019 12:26 AM

I saw it.
https://docs.splunk.com/Documentation/Forwarder/7.2.4/Forwarder/Compatibilitybetweenforwardersandind...

I am using IDX of 6.4 and UF of 7.2.
However, I can not communicate from client hello to x.

An S in a cell indicates that this version of forwarder can send data to this version of indexer after you change the Secure Sockets Layer (SSL)/Transport Layer Security (TLS) version and cipher suite on the forwarder. See Known Issues in the Splunk Enterprise Release Notes for instructions on changing the SSL/TLS version and cipher suite.

I do not understand what settings I should add to UF.
Please teach me

0 Karma
Reply

markusspitzli
Communicator
‎02-19-2019 07:27 AM

With Version 6.6.0 they made fixes on the ssl handling. You have to tweak the settings on the UF so that it uses an "insecure" Version of SSL/TLS.
Another possibility is to upgrade the IDX to at least 6.6.

0 Karma
Reply
Get Updates on the Splunk Community!

Splunk Answers Content Calendar, July Edition I

Hello Community! Welcome to another month of Community Content Calendar series! For the month of July, we will ...

Secure Your Future: Mastering Upgrade Readiness for Splunk 10

Spotlight: The Splunk Health Assistant Add-On  The Splunk Health Assistant Add-On is your ultimate companion ...

Observability Unlocked: Kubernetes & Cloud Monitoring with Splunk IM

Ready to master Kubernetes and cloud monitoring like the pros? Join Splunk’s Growth Engineering team on ...