Why is the Splunk Web service not running after an upgrade to 6.2? Learn more »
Splunk Enterprise 6 includes an OpenSSL FIPS module; see About FIPS in the Securing Splunk manual.
Note that upgrading a non-FIPS install to FIPS is not supported by Splunk – you must decide to use FIPS when your first install the product.
Splunk (the software) has not been submitted for FIPS 140-2 accreditation. At this time, there are no plans that I am aware of to engage in the accreditation process.
Splunk uses OpenSSL shared libraries for all encryption, and according to openssl.org, OpenSSL will never be FIPS-140-2 validated/accredited:
Furthermore, Splunk does not use the OpenSSL FIPS Object Model, which has been uniquely validated as FIPS-140-2 compliant. At this time, we do not anticipate moving to the OpenSSL FIPS Object Model because of compatibility and portability reasons.
Cisco CSA Indexing Issue 2 Answers