Security

What domains should I allow through firewall for Splunk Mint Express?

balintn
New Member

Hi,
Our devices are used behind a firewall, where the administrator restricted web access completely.
We'd like to tell him the domain to allow, so that we can get our crash reports.
Can you tell what domain he should allow?
Thanks,
B

Tags (3)
0 Karma

croyal_splunk
Splunk Employee
Splunk Employee

The IPs assigned to the CDS authentication endpoint are:
54.193.6.245
54.183.222.143
54.183.222.136
54.153.51.51

These should be whitelisted in a customer's firewall for the CDS authentication endpoint to be reachable. Endpoints for the actual CDSes cannot be assigned static IP addresses (and hence cannot be explicitly whitelisted in a firewall). The best course of action for that would be to whitelist all the IP addresses in the US-WEST-1 zone, described by the official Amazon list found here https://ip-ranges.amazonaws.com/ip-ranges.json.

ppapadomitsos_s
Splunk Employee
Splunk Employee

Splunk Mint SDKs use a unique URL for each one of you apps, based on your API key. So if you API key is, for example, deadc0de, the domain that should be allowed through the firewall is:

deadc0de.api.splkmobile.com

However, since the endpoints that serve these URLs are behind a load balancer, unfortuinately there is no specific IP range that you can allow.

ChrisG
Splunk Employee
Splunk Employee

Mint Express runs at mint.splunk.com.

0 Karma

balintn
New Member

So if I want my app to be able tosend data to it, i have to enable mint.splunk.com?
Is this correct?

0 Karma

ChrisG
Splunk Employee
Splunk Employee

I think you would need to enable specific IP. I suggest filing a support ticket to get the necessary information. I will also send this post to the MINT team.

0 Karma