Comments (3)
Hi @jkozlowski , we are looking at couple of approaches for SSL security through SDK using self signed or Splunk generated SSL certificates. We would like to hear from you as well, if you have any suggestions for the same.
from splunk-sdk-java.
Hey @ashah-splunk, thanks for coming back to me.
The way I would solve this is how I already outlined it: your splunk server is responsible for deploying applications and is therefore a trusted piece of infrastructure. It should provide a path to a truststore file with a certificate that should be trusted when talking back to it, same way you provide the session key and host information.
Technically this information is already Iβm the splunk config, I was looking through the APIs you provide for reading config, but I think itβs per app? My preference is still for the server to provide all this config to the app, but whatever you come up with here is obviously not going to be backwards compatible, is there a way right now for me to read the splunk config somehow? Other than assuming Iβm running on the same host and trying to find it on local disk?
I think this is a pretty important problem to solve for a security product, so would appreciate some guidance and a way forward.
from splunk-sdk-java.
Another question: the value of server_uri
passed to a modular input from my observation (from deploying a splunk docker container locally) is always something like https://127.0.0.1:<port>
; whereas server_host
contains the actual hostname, that I presume the certificate presented by splunkd will be signed for. I think that means I should splice the hostname into the uri to make sure that certificate checking works?
from splunk-sdk-java.
Related Issues (20)
- Service.login() does not work well with long-lived clients HOT 2
- ResultsReaderCsv.java throws ArrayIndexOutOfBoundsException HOT 6
- Is this abandoned?? HOT 1
- Connection Reset after some requests to splunk api HOT 3
- latest SDK failed with JDK 1.6 and JDK 1.7 , Connection reset error HOT 2
- getting java.io.IOException: Premature EOF while fetching data from splunk HOT 3
- Attributes from Splunk ES Correlation Search Entry HOT 5
- Need a way to turn on TLS hostname verification HOT 2
- JFrog Repo Not Accessible HOT 1
- how to add custom header if we use AWS API Gateway X-API-Key validation HOT 12
- maven-deploy-plugin is included as a transitive dependency in 1.7.1 HOT 2
- Splunk Java SDk not supporting sslCertPath while writing to outputs.conf HOT 12
- Modular Input: Error during ValidationDefinition/InputDefinition when no value for parameter is passed HOT 11
- SSL ValidateCertificates Still Attempts to Validate When Set to False HOT 4
- The SSL verification fails even when setValidateCertificates was set to `false` HOT 3
- SSL Certificates issue: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException HOT 2
- Aggregate field values are cut off when it presents dollar symbols ($) HOT 1
- create search job returns HTTP 400 response with message: "Please specify timerange to search data"
- Service.connect method is not compatible for token based authentication
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
π Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. πππ
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google β€οΈ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from splunk-sdk-java.