Splunk Enterprise
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Ask a Question

internet server mapping

roopeshetty
Path Finder
3 weeks ago

Hi

 

We have Splunk Enterprise installed on a Windows computer which does not have direct access to the internet. To access the internet on that computer, usually we open a browser like Chrome or Edge then enter some required website (example : https:\\www.yahoomail.com) and press enter. Then a pop up will come on the browser which will ask us to enter the credentials. This popup will have our internet proxy server Url with port number that is https://myinternetserver01.mydomain.com:4443 and a option to enter username and password as attached in the screenshot. Once we enter the credentials it will allow us to browse any website on that computer until we log out from that computer. Due to this restrictions, we are unable to use some of the splunk add ons which requires internet connection. We tried many options using proxy settings but none of them are working.

 

Can some one please guide us where can we input this internet server URL, Port and credentials so that Splunk will have a direct connection to internet and we can use all spunk add on which needs internet.

roopeshetty_1-1733290565325.png

 

 

 

Labels (1)
Labels
0 Karma
Reply

victor_menezes
Path Finder
2 weeks ago

Hi @roopeshetty ,
Can you elaborate more about what did you try already when you mentioned " We tried many options using proxy settings but none of them are working."?

 

Also, it is not sure if you are running in a standalone environment or a clustered one, and if the proxy configs you tried were in conf files or added via REST.

Check this documentation about some good example on how to configure proxy and non-proxy addresses, and make sure that you define the http/https_proxy correctly (use the same config mentioned in your browser for reference if that is using a direct proxy address instead of a auto-discovery script.)

Configure splunkd to use your HTTP Proxy Server - Splunk Documentation

Notice that you must pass the authentication in the URL if your proxy requires it. ( like http://user:pass@myproxy.com:80)

0 Karma
Reply
Get Updates on the Splunk Community!

Enterprise Security Content Update (ESCU) | New Releases

In December, the Splunk Threat Research Team had 1 release of new security content via the Enterprise Security ...

Why am I not seeing the finding in Splunk Enterprise Security Analyst Queue?

(This is the first of a series of 2 blogs). Splunk Enterprise Security is a fantastic tool that offers robust ...

Index This | What are the 12 Days of Splunk-mas?

December 2024 Edition Hayyy Splunk Education Enthusiasts and the Eternally Curious!  We’re back with another ...