Security
×

Join the Conversation

Without signing in, you're just watching from the sidelines. Sign in or Register to connect, share, and be part of the Splunk Community.
Ask a Question

Splunk Cloud IP range

jodyglsi
Engager
‎11-24-2014 05:25 AM

Hi,

We are in the process of moving from Splunk on premise to Splunk Cloud and we need to configure LDAPS authentication (such a shame ADFS or SAML aren't supported!).
This requires we open up LDAPS on our firewall and for obvious reasons we want to limit this to only the IP's used by Splunk Cloud. Can anyone confirm these please?

Many thanks!

Tags (3)
Reply

yannK
Splunk Employee
Splunk Employee
‎09-11-2015 07:58 AM

On large Splunkcloud deployments, use an nslookup on your search-head, and you will have the IP.
example : nslookup megazilla.splunkcloud.com
if you have several search-heads, use sh1.megazilla.splunkcloud.com sh2.megazilla.splunkcloud.com etc...

Remark : this does not apply to self service splunkcloud instances, as they use your splunk.com username for the authentication, and cannot use LDAP

For your indexers, use the same technique with the 5 dns load balanced addresses:
nslookup inputs1.megazilla.splunkcloud.com
nslookup inputs2.megazilla.splunkcloud.com
nslookup inputs3.megazilla.splunkcloud.com
nslookup inputs4.megazilla.splunkcloud.com
nslookup inputs5.megazilla.splunkcloud.com

.

0 Karma
Reply

mcronkrite
Splunk Employee
Splunk Employee
‎09-01-2015 07:16 AM

Contact Splunk Cloud Ops support and get the IPs of your Search Heads, and supporting management servers. Only your search heads should have direct user access. When you setup ldap.conf you will need to specify the secure port. Use good SSL certificates to complete the connection.

0 Karma
Reply
Got questions? Get answers!

Join the Splunk Community Slack to learn, troubleshoot, and make connections with fellow Splunk practitioners in real time!

Meet up IRL or virtually!

Join Splunk User Groups to connect and learn in-person by region or remotely by topic or industry.

Get Updates on the Splunk Community!

[Puzzles] Solve, Learn, Repeat: Character substitutions with Regular Expressions

This challenge was first posted on Slack #puzzles channelFor BORE at .conf23, we had a puzzle question which ...

Splunk Community Badges!

  Hey everyone! Ready to earn some serious bragging rights in the community? Along with our existing badges ...

[Puzzles] Solve, Learn, Repeat: Matching cron expressions

This puzzle (first published here) is based on matching timestamps to cron expressions.All the timestamps ...