#SPLUNK INPUTS.CONF MONITOR CSV PASSWORD#
Do not configure this setting if you did not specify a password when you created your certificates. The password that you entered when you created the certificate, if you created a password. You can specify either the absolute path to the certificate, such as /opt/splunk/etc/auth/mycerts/myServerCert.pem, or you can use a relative path, such as etc/auth/mycerts/myServerCert.pem and the instance uses the Splunk platform instance installation directory. This is the certificate that the machine uses to support inbound connections over TLS/SSL. The location of the server certificate on the Splunk platform instance. Add the following stanzas and settings to the file.ĭefines a TCP network input to receive data over TLS/SSL on the port you specify.ĭefines the TLS/SSL settings for all inputs that you define for this instance. In the nf file, configure the indexer to use the server certificate.Use a text editor to open the $SPLUNK_HOME/etc/system/local/nf configuration file for editing.For example, you can move the files to a destination directory of $SPLUNK_HOME/etc/auth/mycerts/.
Using this prompt or file system management tools, copy the server certificate and the certificate authority public certificate into an accessible directory on the indexer where you want to configure certificates.The certificates you configure on indexers control how the indexer receives data from a forwarder. You can configure indexers to use TLS certificates. The key files that come with the certificates must be in RSA security format.You must have a private key file for each certificate file.The certificates must be in Privacy-Enhanced Mail format and comply with the x.509 public key certificate standard.After you get the certificates, you must prepare the certificates for use with Splunk platform instances.You can either obtain third party certificates from a certificate authority, or create and sign them yourself.Prerequisites for configuring Splunk indexing and forwarding using TLS certificatesīefore you can secure communications between Splunk indexers and forwarders, you must have the following:
#SPLUNK INPUTS.CONF MONITOR CSV INSTALL#
For details, see Install and configure the Splunk Cloud Platform universal forwarder credentials package. Instead, download and use the Splunk Cloud Universal Forwarder Credentials package and install it on your forwarding infrastructure.
You can either obtain certificates from a certificate authority, or create and sign them yourself.ĭo not use these instructions to configure secure forwarding of data to a Splunk Cloud Platform instance. The certificates you use can replace the default certificates that Splunk provides. You can use transport layer security (TLS) certificates to secure connections between forwarders and indexers. Configure Splunk indexing and forwarding to use TLS certificates
0 kommentar(er)
