search

splunk / ansible-role-for-splunk

Splunk@Splunk's Ansible role for installing Splunk, upgrading Splunk, and installing apps/addons on Splunk deployments (VM/bare metal)
Apache License 2.0
147 stars 103 forks source link

Setting a DS Key should change broker requireauth to true #204

Open arcsector opened 1 year ago

arcsector commented 1 year ago

From the latest server.conf spec:

[deployment]
pass4SymmKey = <passphrase string>
    * Authenticates traffic between the deployment server (DS) and its
      deployment clients (DCs).
    * By default, DS-DCs passphrase authentication key is disabled. To enable
      DS-DCs passphrase authentication, you must *also* add the following
      line to the [broker:broker] stanza in the restmap.conf file:
          requireAuthentication = true

This means that this broker:broker setting must be set on the DS before auth will succeed. This should probably be done in a deploymentserver configuration file, along with configuring the pass4symmkey as well.