Splunk Enterprise Security
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

AWS SQS - Api calls using http only?

Stokers_23
Explorer
‎08-16-2018 05:17 AM

I have configured the AWS Add-On for Splunk and want to ingest logs from an S3 bucket by following the Splunk recommended design pattern as per http://docs.splunk.com/Documentation/AddOns/released/AWS/SQS-basedS3.

I have configured everything as specified however encountered a problem where it is not working. After looking into things it appears that Splunk is making the call to our S3 bucket via HTTP and not HTTPS. Our bucket policy states that only HTTPS connections can be made to it, as we have an organisation policy that states data must be encrypted in transit (which is fairly standard within the industry).

We have looked into all of the configurable variables within the Splunk console and cannot find a field where the get method for the SQS-based S3 can be changed to HTTPS. I’m fairly confident that Splunk would be able to make its requests via HTTPS, however we just can’t see where it can be configured. Please can you confirm if we are able to enforce https api calls?

Thanks in advance

Reply
Get Updates on the Splunk Community!

.conf24 | Registration Open!

Hello, hello! I come bearing good news: Registration for .conf24 is now open!   conf is Splunk’s rad annual ...

ICYMI - Check out the latest releases of Splunk Edge Processor

Splunk is pleased to announce the latest enhancements to Splunk Edge Processor.  HEC Receiver authorization ...

Introducing the 2024 SplunkTrust!

Hello, Splunk Community! We are beyond thrilled to announce our newest group of SplunkTrust members!  The ...