Security

Disable automatic and undesired traffic to beam.scs.splunk.com (Cloud Edge Processor)

woodcock
Esteemed Legend

We deployed our first Splunk in AWS using the tooling in AWS to do this and see that there is unallowed traffic calling out from our Splunk to beam.scs.splunk.com, which I see is for Splunk Cloud Edge processor, which we have no intention to use.  We would like to disable this traffic but there is no documentation on it.  Can this be done?

Labels (1)
Tags (1)
0 Karma

jotne
Builder

I did install adguard (DNS blocker) and sees that beam.scs.splunk.com is one of the default blocked sites.

0 Karma
Get Updates on the Splunk Community!

Enterprise Security Content Update (ESCU) | New Releases

In December, the Splunk Threat Research Team had 1 release of new security content via the Enterprise Security ...

Why am I not seeing the finding in Splunk Enterprise Security Analyst Queue?

(This is the first of a series of 2 blogs). Splunk Enterprise Security is a fantastic tool that offers robust ...

Index This | What are the 12 Days of Splunk-mas?

December 2024 Edition Hayyy Splunk Education Enthusiasts and the Eternally Curious!  We’re back with another ...