Security

Splunk TV: Firewall Rules to connect Apple TV + Splunk TV app to Splunk Cloud Gateway / Cloud Bridge

st4ple
Path Finder

I'm trying to get Splunk TV on Apple TV approved by Security in my company. The connection from the Cloud Gateway app on the SHC to the Cloud Bridge is sufficently documented here: https://docs.splunk.com/Documentation/Gateway/1.8.0/Installation/Installation, but I'm struggling to find the equivalent for the connection between the Cloud Bridge and Apple TV with the Splunk TV app on it.

What I'm trying to find out is what connections on which port(s) I need to open in the Firewall for Apple TV and the Splunk TV app to work.

Does anyone have more details here? Perhaps from your own attempts of getting Splunk TV on Apple TV approved?

0 Karma
1 Solution

FrankVl
Ultra Champion

Looking at outbound network traffic from my AppleTV around the time I had the Splunk TV app open, it is only connecting out on port 443 it seems.

Bit hard to pinpoint to which hosts, but I do see one of the IPs belonging to prod.spacebridge.spl.mobi showing up. Combining that with the mouse over text on that image in the docs, it seems 443 to prod.spacebridge.spl.mobi is all you need, both for the connection between splunk and the cloud bridge as well as from the appletv/mobile devices to the cloud bridge.

View solution in original post

FrankVl
Ultra Champion

Looking at outbound network traffic from my AppleTV around the time I had the Splunk TV app open, it is only connecting out on port 443 it seems.

Bit hard to pinpoint to which hosts, but I do see one of the IPs belonging to prod.spacebridge.spl.mobi showing up. Combining that with the mouse over text on that image in the docs, it seems 443 to prod.spacebridge.spl.mobi is all you need, both for the connection between splunk and the cloud bridge as well as from the appletv/mobile devices to the cloud bridge.

Get Updates on the Splunk Community!

Take Your Breath Away with Splunk Risk-Based Alerting (RBA)

WATCH NOW!The Splunk Guide to Risk-Based Alerting is here to empower your SOC like never before. Join Haylee ...

SignalFlow: What? Why? How?

What is SignalFlow? Splunk Observability Cloud’s analytics engine, SignalFlow, opens up a world of in-depth ...

Federated Search for Amazon S3 | Key Use Cases to Streamline Compliance Workflows

Modern business operations are supported by data compliance. As regulations evolve, organizations must ...