Automatically Install Splunk and Enable SSL Encryption on Server Core

Windows Server Core is the perfect candidate for Splunk Enterprise Indexer used by the famous uberAgent. In this quick post I’m going to show you how to automatically download, install and configure Splunk for SSL Encryption.

Install.ps1

Configure.ps1

The following script will automatically configure Splunk with the uberAgent App.

Make sure that your key file isn’t encrypted with a password. I was messing around a full day trying to figure out my certificates, because Splunk logs doesn’t provide to much info when something goes wrong. For example [settings] in the web.conf are case sensitive.

Using Digicert Certificate Utility solved this in no time, just rename crt to pem.

Leave a reply