search cancel

Using SSL Certificate with Splunk Forwarder

book

Article ID: 174236

calendar_today

Updated On:

Products

ICDx

Issue/Introduction

Symantec Integrated Cyber Defense Exchange (ICDx) needs to be connected to a Splunk server.

Splunk server requires SSL/TLS.

Environment

ICDx 1.1 or later

Splunk Enterprise 7.2 or later OR Splunk Cloud

Resolution

In ICDx Splunk Forwarder, ensure that SSL certificate path is correct.

Default path: <Splunk home>/etc/auth/cacert.pem