During upgrades from privileged deployments, Splunk SOAR (On-premises) will set firewalld rules to forward TCP 443 to TCP 8443. You specify a custom HTTPS port during installation. This port must be exposed to access services. HTTPS ports for the web interface and REST API. In an AMI-based deployment, the custom HTTPS port is set to 9999.During upgrades from privileged deployments, Splunk SOAR (On-premises) will set firewalld rules to forward TCP 443 to TCP 8443.Users who use the soar-prepare-system script during installation and who do not specify a custom HTTPS port will have 8443 set for them.You specify the HTTPS port during installation.This port must be exposed to access services without specifying the custom HTTPS port in the URL. This port is for HTTPS traffic if you use the -port-forward option or answer "yes" to the port forwarding question when you install. HTTPS port for the web interface and REST API. Used for administering the operating system. On a single instance deployment of where all services are contained on the same host, open these inbound ports in addition to allowing the Endpoints for all deployments. Consult the app's documentation for details. Used by some apps to update or install their PIP dependencies.Īpps might need to reach specific endpoints in order to provide their functions. Used by the MaxMind app to add visualizations for IP address geolocation results. Used to access the community playbook repository.Īccess is required if your deployment uses an alternative repository for playbooks. If your organization prefers, you can use a satellite server instead. Required to run YUM updates for operating system components and installed software packages. Used by the chronyd service for system clock synchronization. If you use Splunk Mobile to access on mobile devices, your deployment must be able to reach If your deployment uses a Splunk Cloud deployment instead of the embedded Splunk Enterprise instance, must be able to reach your Splunk Cloud deployment. Required for app installation and app upgrades. This table shows a list of the internet endpoints that a deployment uses. If Splunk SOAR (On-premises) is deployed on Red Hat Enterprise Linux 8.x you must use TLS 1.3 or higher on all apps, connectors, or assets connecting to Splunk SOAR (On-premises). Use these tables to design the firewall rules for your deployment. Confirm that you want to change global asset permissions.These tables list the ports which must be open to inbound traffic and internet endpoints which must be accessible to use.Check the Enable granular Asset Access Control checkbox.Select User Management > Asset Permissions. From the Main Menu, select Administration.With your app configured for this role, you can now enable granular asset access control so that these permissions take effect.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |