Deployment Architecture

Any gotchas or issues using a HF with HEC in a DMZ to collect and forward data to an on-prem indexer cluster?

mikefg
Communicator

I need to collect data using HEC from an Internet source into my on-prem Splunk environment. It looks like I can run HEC on a Heavy Forwarder and then forward the collected data to my indexer cluster.

I will use https so the communication is encrypted and DNS and networking/firewall shouldn't be a problem.

Any gotchas or issues using a HF with HEC in a DMZ to collect and forward data to an on-prem indexer cluster?

Labels (1)
0 Karma
1 Solution

richgalloway
SplunkTrust
SplunkTrust

That's a fairly normal practice so I don't expect any problems.

---
If this reply helps you, Karma would be appreciated.

View solution in original post

0 Karma

richgalloway
SplunkTrust
SplunkTrust

That's a fairly normal practice so I don't expect any problems.

---
If this reply helps you, Karma would be appreciated.
0 Karma

mikefg
Communicator

Thanks! I will proceed.

0 Karma
Get Updates on the Splunk Community!

Discover Powerful New Features in Splunk Cloud Platform: Enhanced Analytics, ...

Hey Splunky people! We are excited to share the latest updates in Splunk Cloud Platform 9.3.2408. In this ...

Splunk Classroom Chronicles: Training Tales and Testimonials

Welcome to the "Splunk Classroom Chronicles" series, created to help curious, career-minded learners get ...

Access Tokens Page - New & Improved

Splunk Observability Cloud recently launched an improved design for the access tokens page for better ...