About HTTPS with TLS 1.2 encryption for federated search

For the purposes of federated search, an internal REST API endpoint on port 8089 facilitates communication between local and remote Splunk platform search heads using HTTPS with Transport Layer Security (TLS) 1.2 encryption. You can set up HTTPS proxy data transmission for federated search. Federated search does not support HTTP proxy data transmission.

For more information about configuring an HTTPS proxy server for a Splunk Enterprise deployment, see Configure splunkd to use your HTTP Proxy Server in the Splunk Enterprise Admin Manual.

For more information about configuring TLS encryption for a Splunk Enterprise deployment, see the following links in Securing Splunk Enterprise.

About TLS encryption and cipher suites
Introduction to securing the Splunk platform with TLS
Configure TLS certificates for inter-Splunk communication for details on activating mutually-authenticated TLS, or mTLS.

Note: To set up an HTTPS proxy server and TLS encryption for a Splunk Cloud Platform deployment, contact your Support representative.

Splunk Enterprise

Splunk Cloud Platform

Splunkbase

Enterprise Security

SOAR

IT Service Intelligence

Content Packs

Splunk Observability Cloud

AppDynamics SaaS

AppDynamics On-Premises

SAP Agent

Developer Documentation

Splunkbase

Splunk Enterprise

Splunk Cloud Platform

Splunkbase

DATA MANAGEMENT

SEARCH AND ANALYTICS

ADMINISTRATION

Enterprise Security

SOAR

ENTERPRISE SECURITY

SOAR

RELATED APPS

IT Service Intelligence

Content Packs

ITSI

IT Ops

ADMINISTRATION

EXTENSIONS

Splunk Observability Cloud

MONITORING

DATA MANAGEMENT

ADMINISTRATION

AppDynamics SaaS

AppDynamics On-Premises

SAP Agent

ESSENTIALS

MONITORING

ADMINISTRATION

Developer Documentation

Splunkbase

PLATFORM

OBSERVABILITY

REFERENCE

Resources

REFERENCE

Learn More

Support

About HTTPS with TLS 1.2 encryption for federated search