Set up MDM and In-app registration for Android devices
You can scale app delivery to a large number of mobile devices, secure content access, and manage data on mobile devices with Mobile Device Management (MDM). With admin setup in Splunk Cloud Gateway and a compatible MDM provider, users can register and authenticate their devices directly in Splunk Mobile for Android with their Splunk credentials. Users won't need access to Splunk Cloud Gateway.
MDM and in-app registration are currently available for the following Connected Experiences apps:
- Splunk Mobile for iOS
- Splunk Mobile for Android
- Splunk AR for iOS
The Connected Experiences apps support MDM providers that are part of the AppConfig community. This includes, but isn't limited to, InTune, MobileIron, VMware AirWatch, IBM, and Citrix.
See the AppConfig website for the iOS and Android standards and check with your MDM provider to see if they follow these standards.
To set up MDM and in-app registration for iOS users, see Set up MDM and In-app registration for iOS devices.
To set up in-app registration and distribute Splunk Mobile for Android using MDM, take the following steps:
- Add Splunk Mobile for Android to your compatible MDM provider.
- Generate or retrieve instance ID files from all of the Splunk instances that you want your Splunk Mobile users to have access to.
- If you're providing your users access to multiple instances, combine the instance ID files into a single instance ID file using the concatenation feature in Splunk Cloud Gateway.
- Add the contents of the instance ID file as a custom app configuration for Splunk Mobile in your MDM provider.
For more details about MDM features and how the Splunk Mobile in-app device registration process works, see About Mobile Device Management with Splunk Mobile.
Prerequisites and requirements
Complete the following prerequisites before you deploy Splunk Mobile at scale with MDM and in-app registration:
- Have admin or sc_admin role access to your Splunk Enterprise or Splunk Cloud instance.
- Install Splunk Cloud Gateway on your Splunk search head.
- Have Splunk Mobile users.
- Confirm that your Cloud Gateway ID is unique and easily identifiable. In Splunk Mobile, the Cloud Gateway IDs represent the Splunk instances that users can register to.
- Use LDAP or local Splunk accounts.
- Use Android Enterprise. Android Enterprise is required to use an MDM provider with the Connected Experiences apps.
- Use a supported MDM provider. MDM providers that are a part of the AppConfig community are supported.
Steps
Complete the following steps to deploy Splunk Mobile at scale using MDM and in-app registration.
Add Splunk Mobile for Android to your MDM provider
Add Splunk Mobile as a native public app from the Play Store. See your MDM provider documentation for instructions on how to add an app.
Generate or retrieve instance ID files
Get instance ID files from Splunk Cloud Gateway on all of the Splunk instances that you want to register users to. If you've already generated an instance ID file, retrieve the existing instance ID file. If this is the first time you're getting an instance ID file, generate a new instance ID file. If you want to reset your MDM encryption and signing keys, renew the instance ID file.
Generating a new instance ID file overwrites the previous MDM signing key. Users who haven't registered using the previously deployed Splunk Mobile app can't register until they receive the new MDM signing key. You must recombine the instance ID files and upload the new combined file as a configuration to your MDM provider for users to register their devices.
If this is your first time getting an instance ID file, or if you want to renew your instance ID file, complete the following steps:
- Log into the Splunk instance that you want to register users to.
- Navigate to the Configure tab of Splunk Cloud Gateway.
- If you're getting an instance ID file for the first time, select Generate Instance ID File. If you're renewing an instance ID file, select Renew Instance ID File.
If you've already generated an instance ID file for this instance, complete the following steps to retrieve it:
- Log into the Splunk instance that you want to register users to.
- Navigate to the Configure tab of Splunk Cloud Gateway.
- Click Get Existing Instance ID File.
The instance ID file contains the instance's Splunk Cloud Gateway public encryption and signing keys, Cloud Gateway ID, and MDM signing private key. The files allow the mobile client to identify your Splunk instance.
Combine instance ID files
If you're providing your users access to more than one Splunk instance, combine the instance ID files in Splunk Cloud Gateway. If you're providing users access to just one instance, you can skip this step.
- On any of the Splunk instances that you generated an instance ID file with, navigate to the Configure tab of Splunk Cloud Gateway.
- Upload all of the instance ID files.
- Click Combine Instance ID Files.
Splunk Cloud Gateway runs a script that combines the instance ID files into a single instance ID file.
Configure Splunk Mobile for in-app registration
Add a custom app configuration to add Splunk Mobile to your AppConfig-compatible MDM service.
If you're using MobileIron, use the custom app configuration iOS Managed App Configuration.
If you're using another AppConfig MDM service, follow your provider's documentation to set a configuration for Splunk Mobile.
After selecting a configuration, add the instance ID information as a key-value pair. Use the following information to complete the key-value fields:
- Key: server_config
- Value: The contents of the single or combined instance ID file from Splunk Cloud Gateway
- Value type: String
Distribute Splunk Mobile to your Android users
Follow your MDM provider's instructions to distribute the Splunk Mobile app to your users.
For user documentation on how to download the MDM-distributed Splunk Mobile app, see Download Splunk Mobile.
User registration
When a user launches Splunk Mobile, they select from a list of Cloud Gateway IDs that represent the Splunk instances that instance ID files are generated from. Splunk Mobile users can select a Cloud Gateway ID and register to that Splunk instance using their Splunk credentials. See Register a MDM-distributed device for registration documentation.
(Optional) Use MDM with SAML authentication
You can use MDM with SAML authentication to secure your Connected Experiences app deployment. See Use SAML authentication with Mobile Device Management (MDM) for more information.
This documentation applies to the following versions of Splunk® Cloud Gateway (Legacy): 1.8.0, 1.9.0, 1.9.1, 1.11.0, 1.12.0, 1.12.1, 1.12.2, 1.12.4, 1.13.0, 1.13.2, 1.13.3