Security

Forwarding to Splunk Light Cloud behind corporate firewalls

danzemmels
New Member

I'm trying to configure having Splunk Light (free test drive version) push to the Splunk Cloud Service from our Red Hat Linux box. This is all behind hefty corporate firewalls. I'm told I have a few options, but I need more information first.

1) Get fixed IP addresses for Splunk cloud services so we can open an IP address (or IP range) through the firewall for pushing up the data
2) Use Bluecoat proxy to filter by URL and forward. Or by IP address.

Can I get Splunk owned IP addresses?
Is the temp test-drive version of Splunk Cloud going to be a fixed address?

Recommendations are appreciated.
Thx

0 Karma

msivill_splunk
Splunk Employee
Splunk Employee

Have you explored the universal forwarder setup from within Splunk Cloud? Looking at this app in Splunk Cloud then "Download Universal Forwarder Credentials" you will get the required config details (after unzipping the spl file as tar.gz) for sending data over the internet which you can feedback to firewall/bluecoat folks.

0 Karma

danzemmels
New Member

Thanks. Yes I have. The Forwarder is probably working as expected. I can see the processes and whatnot. My issue is getting through our corporate firewall(s) to the Splunk Cloud. I'm looking for IP addresses to whitelist or a recommended approach someone has discovered that works well.

0 Karma
Get Updates on the Splunk Community!

Optimize Cloud Monitoring

  TECH TALKS Optimize Cloud Monitoring Tuesday, August 13, 2024  |  11:00AM–12:00PM PST   Register to ...

What's New in Splunk Cloud Platform 9.2.2403?

Hi Splunky people! We are excited to share the newest updates in Splunk Cloud Platform 9.2.2403! Analysts can ...

Stay Connected: Your Guide to July and August Tech Talks, Office Hours, and Webinars!

Dive into our sizzling summer lineup for July and August Community Office Hours and Tech Talks. Scroll down to ...