Alerting
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

Security around AlertEmails from SplunkCloud

JScordo
Path Finder
‎01-15-2016 07:19 AM

My security team has questions surrounding the security of the email alerts sent by SplunkCloud. If these alerts we have set up include sensitive data/information and are getting sent from SplunkCloud to our in-house distro groups is there a way to encrypt them? Does SplunkCloud encrypt them by default or pass them through a secure channel?

0 Karma
Reply

khourihan_splun
Splunk Employee
Splunk Employee
‎01-16-2016 02:05 PM

Splunk Cloud does not presently support encrypted or signed emails. If this is a requirement, please contact your SE and ask him/her to file a feature request.

If it must be secure, for now I'd recommend making API calls over the REST-API (https) to pull alerts from the management port.

Keep in mind you need to file a ticket asking for the API to be opened up (port is blocked by default).

You can specify a list of IP's for them to whitelist if you'd like (its an option).

Reply
Get Updates on the Splunk Community!

OpenTelemetry for Legacy Apps? Yes, You Can!

This article is a follow-up to my previous article posted on the OpenTelemetry Blog, "Your Critical Legacy App ...

UCC Framework: Discover Developer Toolkit for Building Technology Add-ons

The Next-Gen Toolkit for Splunk Technology Add-on Development The Universal Configuration Console (UCC) ...

.conf25 Community Recap

Hello Splunkers, And just like that, .conf25 is in the books! What an incredible few days — full of learning, ...