Security
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

Forwarding to Splunk Light Cloud behind corporate firewalls

danzemmels
New Member
‎11-27-2018 11:22 AM

I'm trying to configure having Splunk Light (free test drive version) push to the Splunk Cloud Service from our Red Hat Linux box. This is all behind hefty corporate firewalls. I'm told I have a few options, but I need more information first.

1) Get fixed IP addresses for Splunk cloud services so we can open an IP address (or IP range) through the firewall for pushing up the data
2) Use Bluecoat proxy to filter by URL and forward. Or by IP address.

Can I get Splunk owned IP addresses?
Is the temp test-drive version of Splunk Cloud going to be a fixed address?

Recommendations are appreciated.
Thx

0 Karma
Reply

msivill_splunk
Splunk Employee
Splunk Employee
‎11-29-2018 02:00 AM

Have you explored the universal forwarder setup from within Splunk Cloud? Looking at this app in Splunk Cloud then "Download Universal Forwarder Credentials" you will get the required config details (after unzipping the spl file as tar.gz) for sending data over the internet which you can feedback to firewall/bluecoat folks.

0 Karma
Reply

danzemmels
New Member
‎11-29-2018 06:59 AM

Thanks. Yes I have. The Forwarder is probably working as expected. I can see the processes and whatnot. My issue is getting through our corporate firewall(s) to the Splunk Cloud. I'm looking for IP addresses to whitelist or a recommended approach someone has discovered that works well.

0 Karma
Reply
Career Survey
First 500 qualified respondents will receive a $20 gift card! Tell us about your professional Splunk journey.
Take the Survey
Get Updates on the Splunk Community!

Tech Talk Recap | Mastering Threat Hunting

Mastering Threat HuntingDive into the world of threat hunting, exploring the key differences between ...

Observability for AI Applications: Troubleshooting Latency

If you’re working with proprietary company data, you’re probably going to have a locally hosted LLM or many ...

Splunk AI Assistant for SPL vs. ChatGPT: Which One is Better?

In the age of AI, every tool promises to make our lives easier. From summarizing content to writing code, ...