![]() ![]() This is where I tried to paste the Authorization token information. I added the Role Phantom to the Admin Role and then tried to add the Phantom server under the Configuration tab within the Phantom App. Then I updated /opt/splunk/etc/system/local/nf to add the line to the Captain. On Splunk Enterprise, I installed the Phantom App for Splunk on my Deployer and pushed it out to my SH Cluster. I created a new Automation account called splunk-app, gave it the CIDR range 192.168.3.0/24 and any and kept the role 'Automation'.ĥ. I setup LDAP for the Phantom server and added 1 additional user after applying the license key.Ĥ. opt/phantom/etc/ssl/private/httpd_cert.keyģ. opt/phantom/etc/ssl/certs/httpd_cert.crt I created an SSL certificate using the AWS certificate manager and applied the SSL certificates to the below location and backed up the originals as noted in the documetation. ![]() Use AWS Phantom AMI to Launch the instanceĢ. So curl works now but it is crying about self signed SSL certificates.ġ. Libnsock nsock_trace_handler_callback(): Callback: READ EOF for EID 18 so it turns out i had some DNS issues within the environment which i have since resolved. Libnsock nsock_readbytes(): Read request for 0 bytes from IOD #2 EID 26 ![]() Libnsock nsock_read(): Read request from IOD #1 (timeout: -1ms) EID 18 Libnsock nsock_iod_new2(): nsock_iod_new (IOD #2) Libnsock nsock_trace_handler_callback(): Callback: CONNECT SUCCESS for EID 8 Libnsock nsock_connect_tcp(): TCP connection requested to .xxx:443 (IOD #1) EID 8 Libnsock nsock_iod_new2(): nsock_iod_new (IOD #1) NCAT DEBUG: Unable to load trusted CA certificates from /usr/share/ncat/ca-bundle.crt: error:02001002:system library:fopen:No such file or directory NCAT DEBUG: Using system default trusted CA certificates and those in /usr/share/ncat/ca-bundle.crt. No ERROR logs on the Splunk side which is odd. How to fix it, please visit the web page mentioned above. So the curl does not resolve to the DNS name.Ĭurl: (6) Could not resolve host: ~]$ curl -X Get " " -H "Authorization: Bearer token"Ĭurl: (60) SSL certificate problem: self signed certificate in certificate chainĬurl failed to verify the legitimacy of the server and therefore could notĮstablish a secure connection to it. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |