Splunk Enterprise

What is the IP range for Splunk Light Cloud?

zetasafelimited
Engager

I understand I need to open port outbound port 9997, however, what is the IP range for Splunk Light Cloud as we require IPs for our firewall? I understand it uses AWS.

0 Karma
1 Solution

jkat54
SplunkTrust
SplunkTrust

You should have a FQDN that was provided to you. Just run nslookup on that.

However, i believe the IP will change over time and so it's best to use a tool like centralops.net 's domain dossier to get the full network block, etc.

So for example when I did a network whois on my elastic IP i got the following:

NetRange:       52.32.0.0 - 52.63.255.255
CIDR:           52.32.0.0/11
NetName:        AT-88-Z
NetHandle:      NET-52-32-0-0-1
Parent:         NET52 (NET-52-0-0-0-0)
NetType:        Direct Allocation
OriginAS:       
Organization:   Amazon Technologies Inc. (AT-88-Z)
RegDate:        2015-09-02
Updated:        2015-09-02
Ref:            https://whois.arin.net/rest/net/NET-52-32-0-0-1

The net block you're in will probably depend on where your instance was built, and will not necessarily be the same as mine.

View solution in original post

jkat54
SplunkTrust
SplunkTrust

You should have a FQDN that was provided to you. Just run nslookup on that.

However, i believe the IP will change over time and so it's best to use a tool like centralops.net 's domain dossier to get the full network block, etc.

So for example when I did a network whois on my elastic IP i got the following:

NetRange:       52.32.0.0 - 52.63.255.255
CIDR:           52.32.0.0/11
NetName:        AT-88-Z
NetHandle:      NET-52-32-0-0-1
Parent:         NET52 (NET-52-0-0-0-0)
NetType:        Direct Allocation
OriginAS:       
Organization:   Amazon Technologies Inc. (AT-88-Z)
RegDate:        2015-09-02
Updated:        2015-09-02
Ref:            https://whois.arin.net/rest/net/NET-52-32-0-0-1

The net block you're in will probably depend on where your instance was built, and will not necessarily be the same as mine.

zetasafelimited
Engager

Thanks, I had to add all the US West AWS IP Range.

0 Karma
Get Updates on the Splunk Community!

Enterprise Security Content Update (ESCU) | New Releases

In November, the Splunk Threat Research Team had one release of new security content via the Enterprise ...

Index This | Divide 100 by half. What do you get?

November 2024 Edition Hayyy Splunk Education Enthusiasts and the Eternally Curious!  We’re back with this ...

Stay Connected: Your Guide to December Tech Talks, Office Hours, and Webinars!

❄️ Celebrate the season with our December lineup of Community Office Hours, Tech Talks, and Webinars! ...