Related Answers
Download topic as PDF
About securing Splunk software
During and after your Splunk Enterprise installation, you must take steps to secure both your configuration and your data. Securing your Splunk Enterprise installation reduces its attack surface and mitigates the risk and impact of most vulnerabilities. Some procedures are simple, such as confirming that your servers are physically secure and that your properly manage your credentials. Others, such as configuring encryption, are more complex, but are equally as important to the integrity of your data.
Read this manual to learn about all of the areas of security that you should consider:
- Secure installation of Splunk Enterprise
- Management of users and role-based access control using your chosen form of authentication
- Usage of certificates to secure indexers, forwarders, and Splunk Web, where data is most vulnerable
- Usage of encryption to secure your configuration information
- Usage of auditing to keep track of activity in your system.
Use the How to secure and harden your Splunk software installation as a checklist and roadmap to ensure that you make your configuration and data as secure as possible.
|
NEXT How to secure and harden your Splunk software installation |
This documentation applies to the following versions of Splunk® Enterprise: 6.3.0, 6.3.1, 6.3.2, 6.3.3, 6.3.4, 6.3.5, 6.3.6, 6.3.7, 6.3.8, 6.3.9, 6.3.10, 6.3.11, 6.3.12, 6.3.13, 6.3.14, 6.4.0, 6.4.1, 6.4.2, 6.4.3, 6.4.4, 6.4.5, 6.4.6, 6.4.7, 6.4.8, 6.4.9, 6.4.10, 6.4.11, 6.5.0, 6.5.1, 6.5.1612 (Splunk Cloud only), 6.5.2, 6.5.3, 6.5.4, 6.5.5, 6.5.6, 6.5.7, 6.5.8, 6.5.9, 6.5.10, 6.6.0, 6.6.1, 6.6.2, 6.6.3, 6.6.4, 6.6.5, 6.6.6, 6.6.7, 6.6.8, 6.6.9, 6.6.10, 6.6.11, 6.6.12, 7.0.0, 7.0.1, 7.0.2, 7.0.3, 7.0.4, 7.0.5, 7.0.6, 7.0.7, 7.0.8, 7.0.9, 7.1.0, 7.1.1, 7.1.2, 7.1.3, 7.1.4, 7.1.5, 7.1.6, 7.1.7, 7.2.0, 7.2.1, 7.2.2, 7.2.3, 7.2.4, 7.2.5, 7.2.6
Feedback submitted, thanks!