For some users, Splunk integration may not work out of the box. Java 1.7 (which powers Tomcat, and Securonix) has SSL disabled by default. This results in the following error while attempting to connect to Splunk in Securonix:

No appropriate protocol (protocol is disabled or cipher suites are inappropriate)

However, the Splunk API can be accessed only by SSL encrypted connections. To fix this problem, SSL can be enabled on Java through the following steps: 1. Locate the JAVA_HOME directory (location where the Java used by tomcat is installed) 2. Open JAVA_HOME\jre\lib\security\java.security in a text editor 3. Find the line "jdk.tls.disabledAlgorithms=SSLv3" and comment it (by prefixing a '#' sign to the line). 4. Save and close the file 5. Restart Tomcat. Securonix should now be able to connect to Splunk, provided the connection settings are correct.

Also see: http://answers.splunk.com/answers/209379/no-appropriate-protocol-protocol-is-disabled-or-ci.html#answer-213388

asked 22 Jul '15, 23:59

aravind's gravatar image

aravind
2514
accept rate: 0%

edited 29 Jul '15, 11:50


Tested on 4.6.11GA

link

answered 22 Jul '15, 23:59

aravind's gravatar image

aravind
2514
accept rate: 0%

Your answer
toggle preview

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here

By RSS:

Answers

Answers and Comments

Markdown Basics

  • *italic* or _italic_
  • **bold** or __bold__
  • link:[text](http://url.com/ "Title")
  • image?![alt text](/path/img.jpg "Title")
  • numbered list: 1. Foo 2. Bar
  • to add a line break simply add two spaces to where you would like the new line to be.
  • basic HTML tags are also supported

Tags:

×3
×1

Asked: 22 Jul '15, 23:59

Seen: 7,276 times

Last updated: 29 Jul '15, 11:50