Security
×

Are you a member of the Splunk Community?

Sign in or Register with your Splunk account to get your questions answered, access valuable resources and connect with experts!
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Ask a Question

What domains should I allow through firewall for Splunk Mint Express?

balintn
New Member
‎01-22-2015 04:05 PM

Hi,
Our devices are used behind a firewall, where the administrator restricted web access completely.
We'd like to tell him the domain to allow, so that we can get our crash reports.
Can you tell what domain he should allow?
Thanks,
B

Tags (3)
0 Karma
Reply

croyal_splunk
Splunk Employee
Splunk Employee
‎03-31-2015 03:08 PM

The IPs assigned to the CDS authentication endpoint are:
54.193.6.245
54.183.222.143
54.183.222.136
54.153.51.51

These should be whitelisted in a customer's firewall for the CDS authentication endpoint to be reachable. Endpoints for the actual CDSes cannot be assigned static IP addresses (and hence cannot be explicitly whitelisted in a firewall). The best course of action for that would be to whitelist all the IP addresses in the US-WEST-1 zone, described by the official Amazon list found here https://ip-ranges.amazonaws.com/ip-ranges.json.

Reply

ppapadomitsos_s
Splunk Employee
Splunk Employee
‎01-23-2015 10:38 AM

Splunk Mint SDKs use a unique URL for each one of you apps, based on your API key. So if you API key is, for example, deadc0de, the domain that should be allowed through the firewall is:

deadc0de.api.splkmobile.com

However, since the endpoints that serve these URLs are behind a load balancer, unfortuinately there is no specific IP range that you can allow.

Reply

ChrisG
Splunk Employee
Splunk Employee
‎01-22-2015 04:17 PM

Mint Express runs at mint.splunk.com.

0 Karma
Reply

balintn
New Member
‎01-23-2015 06:37 AM

So if I want my app to be able tosend data to it, i have to enable mint.splunk.com?
Is this correct?

0 Karma
Reply

ChrisG
Splunk Employee
Splunk Employee
‎01-23-2015 09:26 AM

I think you would need to enable specific IP. I suggest filing a support ticket to get the necessary information. I will also send this post to the MINT team.

0 Karma
Reply
Get Updates on the Splunk Community!

Automatic Discovery Part 1: What is Automatic Discovery in Splunk Observability Cloud ...

If you’ve ever deployed a new database cluster, spun up a caching layer, or added a load balancer, you know it ...

Real-Time Fraud Detection: How Splunk Dashboards Protect Financial Institutions

Financial fraud isn't slowing down. If anything, it's getting more sophisticated. Account takeovers, credit ...

Splunk + ThousandEyes: Correlate frontend, app, and network data to troubleshoot ...

 Are you tired of troubleshooting delays caused by siloed frontend, application, and network data? We've got a ...