Site Search
Security business menu
Security business
HOME
To be elected
cause
Service
Handling Manufacturer
Examples/reports/
Blog/Glossary
Seminar/
video on demand
TOP
Products/Services
Specifications/Technical Information
solution
User stories
support
Seminar content
Evaluation machine application/FAQ
Document request
inquiry
Event/Seminar
video on demand

How to enable SSL communication for Splunk Web

release date
2019-03-08
last updated
2023-02-15
version
Splunk Enterprise 9.0.3
Overview
  • There are three ways to enable SSL communication for Splunk Web
    1. Enable from Server Settings in Splunk Web
    2. Run the splunk enable web-ssl command from the CLI
    3. Edit the configuration file web.conf
Reference information
content

Splunk Web is not encrypted by default, so if you need it, enable it using one of the methods below.

  • Enable SSL communication from Splunk Web
  • Enable SSL communication from command
  • Enable SSL communication from configuration file

If you enable SSL communication for Splunk Web by default, use the server certificate (cert.pem) provided by Splunk by default.

How to enable SSL communication from Splunk Web

You can enable SSL communication from the GUI using Splunk Web. Please follow the steps below.

  • Log in to Splunk Web with a user with the admin role
  • From the menu on the top right of the screen, click "Settings" > "Server Settings"
  • Click "General Settings" on the Server Settings screen.
  • Select Yes for "Do you want to enable SSL (HTTPS) for Splunk Web?"
  • Click "Save"
  • From the menu on the top right of the screen, click "Settings" > "Server Control"
  • Click "Restart Splunk"
  • Restart Splunk by clicking OK on the restart confirmation dialog

Make sure you can access Splunk Web with https after the restart is complete.

To disable SSL communication again, open the "General Settings" screen in the same way as above, select "No" for "Do you want to enable SSL (HTTPS) in Splunk Web?" and save. , and restarting in ⑧.

How to enable SSL communication from command

You can enable SSL communication for Splunk Web with the following command. After executing the SSL communication enable command, execute the service restart command to reflect the settings.

<Enable SSL communication for Splunk Web>

$SPLUNK_HOME/bin/splunk enable web-ssl -auth <管理ユーザー>:<パスワード>

<Restart Splunk service>

$SPLUNK_HOME/bin/splunk restart

Make sure you can access Splunk Web with https after the restart is complete.

To disable SSL communication again, execute the following command and restart the Splunk service.

<Disabling SSL communication for Splunk Web>

$SPLUNK_HOME/bin/splunk disable web-ssl -auth <管理ユーザー>:<パスワード>

* $SPLUNK_HOME is the installation directory of Splunk, and the following is the default.

Linux:/opt/splunk
Windows:C:\Program Files\Splunk

How to enable SSL communication from the configuration file

If you want to enable SSL communication for Splunk Web in your configuration file, you need to set it in web.conf. Add the settings to the configuration file below.

<Setting file>

$SPLUNK_HOME/etc/system/local/web.conf

<Setting example>

[settings]
enableSplunkWebSSL = true

After setting, restart the Splunk service to enable SSL communication. Make sure you can access Splunk Web with https after the restart is complete.

To disable SSL communication again, return to the state before setting, or set enableSplunkWebSSL to false and restart the Splunk service.

* $SPLUNK_HOME is the installation directory of Splunk, and the following is the default.

Linux:/opt/splunk
Windows:C:\Program Files\Splunk

that's all

to previous page