Documentation > Splunk > Admin Manual > Blacklisting & Whitelisting Servers

Admin Manual

 


Overview
Setting Up Data Inputs
Authentication
Changing the Way Splunk Processes Your Data
Creating and Using Configuration Bundles
Configuring Your Sources
Splunk-2-Splunk Management
Integration
Managing Your Filesystem
How-To's

Blacklisting & Whitelisting Servers

This documentation does not apply to the most recent version of Splunk. Click here for the latest version.

Contents

Blacklisting & Whitelisting Servers

Fowarding & Receiving

By default, any Splunk Server can forward data to any other Splunk Server that has enabled receiving. There is currently no way in Splunk to block a specific server, you can use a firewall (IPchains, IPTables, etc.) to restrict traffic to known servers.


Distributed Search

By default, any Splunk Sever can distribute searches to any other Splunk Server that has Distributed Search turned on. There is currently no way to block a specific server. However, you can disable auto-discoverability to prevent other servers from discovering it.

Retrieved from "http://docs.splunk.com/Documentation/Splunk/2.2.3/Admin/BlacklistingWhitelistingServers"

This documentation applies to the following versions of Splunk: 2.1 , 2.2 , 2.2.1 , 2.2.3 , 2.2.6 View the Article History for its revisions.


You must be logged into splunk.com in order to post comments. Log in now.

Was this documentation topic helpful?

If you'd like to hear back from us, please provide your email address:

We'd love to hear what you think about this topic or the documentation as a whole. Feedback you enter here will be delivered to the documentation team.

Feedback submitted, thanks!