Splunk Dev
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

How do I configure firewall when forwarding from on-premise to Cloud?

panderla
Loves-to-Learn Lots
‎10-11-2017 01:46 PM

I am building firewall policies to implement an on-premise Splunk Enterprise system and need to forward some data to a Splunk Cloud instance.

What communication ports are used?

0 Karma
Reply

mattymo
Splunk Employee
Splunk Employee
‎10-11-2017 01:59 PM

Hi Panderla,

There is an excellent answer available here:

https://answers.splunk.com/answers/153990/what-security-settings-do-i-need-to-setup-for-splunk-cloud...

In short, you need to allow your TCP port 9997 to the cloud indexers, which you can find/resolve from the splunk_forwarder_app in outputs.conf

- MattyMo
0 Karma
Reply
Get Updates on the Splunk Community!

New in Observability Cloud - Explicit Bucket Histograms

Splunk introduces native support for histograms as a metric data type within Observability Cloud with Explicit ...

Updated Team Landing Page in Splunk Observability

We’re making some changes to the team landing page in Splunk Observability, based on your feedback. The ...

New! Splunk Observability Search Enhancements for Splunk APM Services/Traces and ...

Regardless of where you are in Splunk Observability, you can search for relevant APM targets including service ...