Security
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

What domains should I allow through firewall for Splunk Mint Express?

balintn
New Member
‎01-22-2015 04:05 PM

Hi,
Our devices are used behind a firewall, where the administrator restricted web access completely.
We'd like to tell him the domain to allow, so that we can get our crash reports.
Can you tell what domain he should allow?
Thanks,
B

Tags (3)
0 Karma
Reply

croyal_splunk
Splunk Employee
Splunk Employee
‎03-31-2015 03:08 PM

The IPs assigned to the CDS authentication endpoint are:
54.193.6.245
54.183.222.143
54.183.222.136
54.153.51.51

These should be whitelisted in a customer's firewall for the CDS authentication endpoint to be reachable. Endpoints for the actual CDSes cannot be assigned static IP addresses (and hence cannot be explicitly whitelisted in a firewall). The best course of action for that would be to whitelist all the IP addresses in the US-WEST-1 zone, described by the official Amazon list found here https://ip-ranges.amazonaws.com/ip-ranges.json.

Reply

ppapadomitsos_s
Splunk Employee
Splunk Employee
‎01-23-2015 10:38 AM

Splunk Mint SDKs use a unique URL for each one of you apps, based on your API key. So if you API key is, for example, deadc0de, the domain that should be allowed through the firewall is:

deadc0de.api.splkmobile.com

However, since the endpoints that serve these URLs are behind a load balancer, unfortuinately there is no specific IP range that you can allow.

Reply

ChrisG
Splunk Employee
Splunk Employee
‎01-22-2015 04:17 PM

Mint Express runs at mint.splunk.com.

0 Karma
Reply

balintn
New Member
‎01-23-2015 06:37 AM

So if I want my app to be able tosend data to it, i have to enable mint.splunk.com?
Is this correct?

0 Karma
Reply

ChrisG
Splunk Employee
Splunk Employee
‎01-23-2015 09:26 AM

I think you would need to enable specific IP. I suggest filing a support ticket to get the necessary information. I will also send this post to the MINT team.

0 Karma
Reply
Get Updates on the Splunk Community!

Splunk Observability for AI

Don’t miss out on an exciting Tech Talk on Splunk Observability for AI!Discover how Splunk’s agentic AI ...

Splunk Enterprise Security 8.x: The Essential Upgrade for Threat Detection, ...

Watch On Demand the Tech Talk on November 6 at 11AM PT, and empower your SOC to reach new heights! Duration: ...

Splunk Observability as Code: From Zero to Dashboard

For the details on what Self-Service Observability and Observability as Code is, we have some awesome content ...