Quantcast
Channel: Questions in topic: "universal-forwarder"
Viewing all articles
Browse latest Browse all 1551

How can Splunk provide forwarding/receiving security ??

$
0
0
When enabling the receiving function in a Splunk enterprise instance (indexer for example), it will be listening on port 9997 by default( changeable) and any forwarder with the information (indexer IP:port ) can forward data and it will be well received. My question here, i think i am missing something but, **If a forwarder is a malicious or external one that can infect or disable the hole process by sending a massive storage ??** **How can Splunk provide forwarding/receiving security (authentication / authorization ) ??**

Viewing all articles
Browse latest Browse all 1551

Trending Articles



<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>