Symantec Integrated Cyber Defense Exchange (ICDx) needs to be connected to a Splunk server.
Splunk server requires SSL/TLS.
ICDx 1.1 or later
Splunk Enterprise 7.2 or later OR Splunk Cloud
In ICDx Splunk Forwarder, ensure that SSL certificate path is correct.
Default path: <Splunk home>/etc/auth/cacert.pem