Re: Splunk universal forwarder v6.2.6.274160, how ...

panzerkw · ‎11-02-2015

We continue to get the freak vulnerability security item show up on our scans and the ssl version of splunk was identified as an issue. Does the new install package remove the old ssl version or do I have to remove it manually?

MuS · ‎11-02-2015

Hi panzerkw,

you're asking actually two different things here.

The initial question was how can I verify which version of SSL it's using?
Answer: check out this answer https://answers.splunk.com/answers/134053/ciphersuite-in-various-conf-files.html or run this command $SPLUNK_HOME/bin/splunk cmd openssl version
The second question was Does the new install package remove the old ssl version or do I have to remove it manually?
Answer: Splunk's install package include all software components that Splunk require, so it will update the SSL version in $SPLUNK_HOME not the one for the OS!

Hope this helps ...

cheers, MuS

jcrabb_splunk · ‎11-03-2015

Just to add to the wonderful comment above (thank you MuS), you will also find the version listed in the release notes, under third party software.

http://docs.splunk.com/Documentation/Splunk/6.2.6/ReleaseNotes/OpenSSL

Just in case you want to compare Splunk versions or confirm prior to installation.

Jacob
Sr. Technical Support Engineer

Splunk universal forwarder v6.2.6.274160, how can I verify which version of SSL it's using?

More Ways To Control Your Costs With Archived Metrics | Register for Tech Talk

.conf24 | Personalize your .conf experience with Learning Paths!

Threat Hunting Unlocked: How to Uplevel Your Threat Hunting With the PEAK Framework ...