I have two ways to connect to a search head, and 1 is secured with SSL, while the other is not.
1: https://ip:port
2: https://dns.name.com:port
Is there a way I can disable option 1, and force everyone to use the DNS name?
I'm not sure there's a way to remove the ability to access it via IP address, but you could use variants of the following search to find those who are doing it.
index=_internal sourcetype=splunk_web_access | stats count by referer_domain, user
Then perhaps a kindly worded email could take care of the problem?
Interesting. The best practice is to use a load balancer with search head clustering
Meaning, the users should access the load balancer which is in front of the search heads as a cluster or not...
agreed, however no load balancer is available.