Automatically Install Splunk and Enable SSL Encryption on Server Core

10 Shares

Windows Server Core is the perfect candidate for Splunk Enterprise Indexer used by the famous uberAgent. In this quick post I’m going to show you how to automatically download, install and configure Splunk for SSL Encryption.

Install.ps1

Configure.ps1

The following script will automatically configure Splunk with the uberAgent App.

Make sure that your key file isn’t encrypted with a password. I was messing around a full day trying to figure out my certificates, because Splunk logs doesn’t provide to much info when something goes wrong. For example [settings] in the web.conf are case sensitive.

Using Digicert Certificate Utility solved this in no time, just rename crt to pem.

10 Shares

Automation Framework Community Edition

The fastest way to build your lab environment.

Virtual Expo

Friday 30th of September 2022

Leave a Comment