Security
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question
Solved! Jump to solution

Splunk TV: Firewall Rules to connect Apple TV + Splunk TV app to Splunk Cloud Gateway / Cloud Bridge

st4ple
Path Finder
‎11-08-2019 03:20 AM

I'm trying to get Splunk TV on Apple TV approved by Security in my company. The connection from the Cloud Gateway app on the SHC to the Cloud Bridge is sufficently documented here: https://docs.splunk.com/Documentation/Gateway/1.8.0/Installation/Installation, but I'm struggling to find the equivalent for the connection between the Cloud Bridge and Apple TV with the Splunk TV app on it.

What I'm trying to find out is what connections on which port(s) I need to open in the Firewall for Apple TV and the Splunk TV app to work.

Does anyone have more details here? Perhaps from your own attempts of getting Splunk TV on Apple TV approved?

0 Karma
Reply
1 Solution
Solved! Jump to solution
Solution

FrankVl
Ultra Champion
‎11-08-2019 05:57 AM

Looking at outbound network traffic from my AppleTV around the time I had the Splunk TV app open, it is only connecting out on port 443 it seems.

Bit hard to pinpoint to which hosts, but I do see one of the IPs belonging to prod.spacebridge.spl.mobi showing up. Combining that with the mouse over text on that image in the docs, it seems 443 to prod.spacebridge.spl.mobi is all you need, both for the connection between splunk and the cloud bridge as well as from the appletv/mobile devices to the cloud bridge.

View solution in original post

Reply
Solved! Jump to solution
Solution

FrankVl
Ultra Champion
‎11-08-2019 05:57 AM

Looking at outbound network traffic from my AppleTV around the time I had the Splunk TV app open, it is only connecting out on port 443 it seems.

Bit hard to pinpoint to which hosts, but I do see one of the IPs belonging to prod.spacebridge.spl.mobi showing up. Combining that with the mouse over text on that image in the docs, it seems 443 to prod.spacebridge.spl.mobi is all you need, both for the connection between splunk and the cloud bridge as well as from the appletv/mobile devices to the cloud bridge.

Reply
Get Updates on the Splunk Community!

.conf24 | Day 0

Hello Splunk Community! My name is Chris, and I'm based in Canberra, Australia's capital, and I travelled for ...

Enhance Security Visibility with Splunk Enterprise Security 7.1 through Threat ...

(view in My Videos)Struggling with alert fatigue, lack of context, and prioritization around security ...

Troubleshooting the OpenTelemetry Collector

  In this tech talk, you’ll learn how to troubleshoot the OpenTelemetry collector - from checking the ...