Splunk® Private Spacebridge

Set up Private Spacebridge

Configure your Private Spacebridge deployment

After setting up Private Spacebridge, you can configure your deployment with the onboarding UI or editing the instance ID file, depending on the Splunk platform version you're using.

Prerequisite

Complete the following steps before configuring Private Spacebridge:

Configure Splunk Secure Gateway for Splunk platform version 9.0 or higher

Splunk Secure Gateway for Splunk platform version 9.0 doesn't require you to edit your MDM instance ID file to manually configure Private Spacebridge. Splunk Secure Gateway automatically completes this step for you. You can still modify this file before uploading to your MDM provider.

If you're using a Mobile Device Management (MDM) provider, follow the steps at Set up MDM and in-app registration for the Connected Experiences apps. Client devices using the uploaded configuration automatically connect to your Private Spacebridge.

If your users are logging in using the QR code method, Private Spacebridge requires no additional setup. The QR code generated by Splunk Secure Gateway automatically directs your mobile clients to connect to your Private Spacebridge.

When you launch Splunk Secure Gateway, complete the onboarding steps to configure your Private Spacebridge location and HTTP endpoint.

Configure Splunk platform instance fields for Splunk platform versions lower than 9.0

If you're using a Splunk platform version lower than 9.0, you can configure various fields in an instance ID file to customize your MDM, SAML, or Private Spacebridge configuration.

Here's an example instance ID file:

{
   "server_directory" : [{
     "sign_public_key": "<public_key>",
     "encrypt_public_key": "<public_key>",
     "deployment_name": "<name>",
     "mdm_sign_private_key": "<private_key>",    
     "login_type": <login_type>,
     "instance_url": <saml_url>,
"custom_endpoint_id" : <id_string>}
   ],
 
   "endpoint_config" : {
     "custom_endpoint_id" : <id_string>,
     "custom_endpoint_hostname" : <url_string>,
     "custom_endpoint_grpc_hostname" : <url_string>,
     "client_cert_required" : <true/false>}
}

The following table lists objects that are a part of the server_directory clause. Each server_directory clause represents a Splunk platform instance using Private Spacebridge.

Field Type Value Configuration area
server_directory Array Represents a Splunk platform instance deployment that appears in the instance list in the mobile client. General
sign_public_key String Base64 encoding of the Splunk instance deployment public key for signing. MDM registration
encrypt_public_key String Base64 encoding of the Splunk instance deployment public key for encryption. MDM registration
deployment_name String User-friendly name of the Splunk instance. Displayed on the instance list in the mobile client. MDM registration
mdm_sign_private_key String Base64 encoding of the secret key used to sign login requests. MDM registration
login_type Enum "saml" (Optional) If not present, the app defaults to username and password login. SAML registration
instance_url URL SAML URL. Required if login_type = "saml". SAML registration

Private Spacebridge fields

The following table lists objects that are apart of the endpoint_config clause. Each endpoint_config clause represents a Private Spacebridge instance.

Field Type Value Configuration area
endpoint_config Array Represents a Private Spacebridge instance. Private Spacebridge
custom_endpoint_id String (Required) A user-friendly name for the Private Spacebridge instance that appears on the mobile client. Use this value in the server_directory clause to configure a Splunk platform instance to use this Private Spacebridge. Private Spacebridge
custom_endpoint_hostname String (Required) HTTP domain that you created when configuring your Kubernetes cluster. Private Spacebridge
custom_endpoint_grpc_hostname String (Required) Hostname for registered devices to get dashboard data from. Private Spacebridge
client_cert_required Bool (Optional) Determines whether the user must have a valid client certificate installed. Defaults to true. Mark false if you aren't distributing a certificate to client devices. Private Spacebridge
Last modified on 02 March, 2023
Get started with Private Spacebridge  

This documentation applies to the following versions of Splunk® Private Spacebridge: 1.1.0


Was this topic useful?







You must be logged into splunk.com in order to post comments. Log in now.

Please try to keep this discussion focused on the content covered in this documentation topic. If you have a more general question about Splunk functionality or are experiencing a difficulty with Splunk, consider posting a question to Splunkbase Answers.

0 out of 1000 Characters