Security
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

Forwarding to Splunk Light Cloud behind corporate firewalls

danzemmels
New Member
‎11-27-2018 11:22 AM

I'm trying to configure having Splunk Light (free test drive version) push to the Splunk Cloud Service from our Red Hat Linux box. This is all behind hefty corporate firewalls. I'm told I have a few options, but I need more information first.

1) Get fixed IP addresses for Splunk cloud services so we can open an IP address (or IP range) through the firewall for pushing up the data
2) Use Bluecoat proxy to filter by URL and forward. Or by IP address.

Can I get Splunk owned IP addresses?
Is the temp test-drive version of Splunk Cloud going to be a fixed address?

Recommendations are appreciated.
Thx

0 Karma
Reply

msivill_splunk
Splunk Employee
Splunk Employee
‎11-29-2018 02:00 AM

Have you explored the universal forwarder setup from within Splunk Cloud? Looking at this app in Splunk Cloud then "Download Universal Forwarder Credentials" you will get the required config details (after unzipping the spl file as tar.gz) for sending data over the internet which you can feedback to firewall/bluecoat folks.

0 Karma
Reply

danzemmels
New Member
‎11-29-2018 06:59 AM

Thanks. Yes I have. The Forwarder is probably working as expected. I can see the processes and whatnot. My issue is getting through our corporate firewall(s) to the Splunk Cloud. I'm looking for IP addresses to whitelist or a recommended approach someone has discovered that works well.

0 Karma
Reply
Get Updates on the Splunk Community!

Brains, Bytes, and Boston: Learn from the Best at .conf25

When you think of Boston, you might picture colonial charm, world-class universities, or even the crack of a ...

Splunk AppDynamics Agents Webinar Series

Mark your calendars! On June 24th at 12PM PST, we’re going live with the second session of our Splunk ...

SplunkTrust Application Period is Officially OPEN!

It's that time, folks! The application/nomination period for the 2025 SplunkTrust is officially open! If you ...