A short question:
I have configured IT data block signing, as described here:http://docs.splunk.com/Documentation/Splunk/6.0/Security/ITDataSigning
Checking the integrity via "Show Source" in SplunkWeb works fine, but is there a way to verify the integrity with a search command (so I can perform the check via API, etc.).
Example: I want an output as the following SPL-Statement gives me, if audit event signing is enabled.
index=_audit | audit | table validity gap _raw