Security

SSO or Load Balancing for the 8089 Management Port

mikaelbje
Motivator

Hi,

I have a Splunk Search Head Cluster set up with a F5 LTM load balancer in front. This is set up for the Splunk web interface, but would it make sense to do the same for the management port? I don't do any authentication on the F5 LTM.

I'm thinking it shouldn't be a problem as long a we're using sticky sessions and no authentication on the LTM since the 8089 Management Port doesn't honour the X-Remote-User header anyway so we'd have to log in never the less, but what would you suggest?

  1. Use Load Balancing from the LTM to the 3 search heads' Management Ports
  2. Direct requests to one of the search heads?
0 Karma
1 Solution

esix_splunk
Splunk Employee
Splunk Employee

This would make sense if you're doing a lot of API (REST) calls against the SHC. You can load balance that in the same manner you are doing web (8000 or 443.)

View solution in original post

0 Karma

esix_splunk
Splunk Employee
Splunk Employee

This would make sense if you're doing a lot of API (REST) calls against the SHC. You can load balance that in the same manner you are doing web (8000 or 443.)

0 Karma

mikaelbje
Motivator

So no pitfalls to be aware of? Nothing in small print stating that this shouldn't be done?

0 Karma
Get Updates on the Splunk Community!

Fastest way to demo Observability

I’ve been having a lot of fun learning about Kubernetes and Observability. I set myself an interesting ...

September Community Champions: A Shoutout to Our Contributors!

As we close the books on another fantastic month, we want to take a moment to celebrate the people who are the ...

Splunk Decoded: Service Maps vs Service Analyzer Tree View vs Flow Maps

It’s Monday morning, and your phone is buzzing with alert escalations – your customer-facing portal is running ...