Splunk® Private Spacebridge

Set up Private Spacebridge

Acrobat logo Download manual as PDF


This documentation does not apply to the most recent version of Splunk® Private Spacebridge. For documentation on the most recent version, go to the latest release.
Acrobat logo Download topic as PDF

Get started with Private Spacebridge

Deploy Private Spacebridge directly within your own Kubernetes cluster so that you can own an end-to-end pipeline for connecting mobile devices to your Splunk platform instance. See About Private Spacebridge to learn more about how Private Spacebridge works.

If you're interested in using Private spacebridge, visit this page to sign up: https://www.splunk.com/en_us/form/privately-hosted-spacebridge-for-splunk-secure-gateway.html.

Prerequisites

Complete the following before getting started with Private Spacebridge:

  • You must be using one of the following Splunk platforms:
    • Splunk Cloud Platform version 8.1.2106 or higher
    • Splunk Enterprise version 8.2.2 or higher
  • Have admin-level access to your Kubernetes cluster
  • Have access to a non-FIPS test environment, test Splunk platform instance, and test client devices
  • If you're using Splunk Mobile or Splunk AR, deploy Mobile Device Management (MDM) for your devices. See About MDM and in-app registration to learn more about MDM. You don't need to use MDM if you're using Private Spacebridge with Splunk TV.
  • Sign up to get started with Private Spacebridge at https://www.splunk.com/en_us/form/privately-hosted-spacebridge-for-splunk-secure-gateway.html.
  • Receive a ZIP package that includes the following components:
    • Private Spacebridge Helm Chart TAR file
    • Private Spacebridge Docker image TAR file

After completing the prerequisites, see the following steps to deploy Private Spacebridge.

1. Configure your Kubernetes cluster to set up Private Spacebridge

See the Kubernetes documentation for more information about configuring your Kubernetes cluster. Here's how to set up Private Spacebridge:

  1. Create a namespace, such as spacebridge, for Private Spacebridge in your Kubernetes cluster.
  2. Install Private Spacebridge using the provided Helm Chart TAR file. See the README file included in the provided package for detailed instructions.
  3. Add the Private Spacebridge Docker image TAR file to your Docker registry.
  4. Create certificates and register domains for gRPC and HTTP Spacebridge endpoints. You'll use the domain names in your MDM configuration and securegateway.conf file.
  5. Configure ingress to Spacebridge gRPC and HTTP services with the certificates you created in the previous step.
  6. (Optional) If your cluster doesn't already have log forwarding enabled, you can forward Private Spacebridge logs to any Splunk platform instance using an HTTP Event Collector. See Configure HTTP Event Collector on Splunk Enterprise and the Helm Chart fluentd parameters in the provided README file.

2. Acquire the Connected Experiences apps

If you're using Splunk Mobile or Splunk AR, distribute the app using an MDM provider. Splunk TV doesn't require MDM distribution.

Splunk Mobile or Splunk AR

See your MDM provider's documentation to complete the following steps for Splunk Mobile users:

  1. Locate the following versions of the Connected Experiences apps that you're using in your MDM provider's app store:
    1. Splunk Mobile for iOS version 2.13.0 or higher
    2. Splunk Mobile for Android version 2021.01.29 or higher
    3. Splunk AR for iOS version 3.2.0 or higher
  2. Add the apps you're using to your MDM instance.
  3. Deploy the test devices you plan to use in the Private Spacebridge beta program.

Splunk TV

Download Splunk TV for Android and Fire TV version 2021.10.11 or higher, Splunk TV for Apple TV 3.7.0 or higher, or Splunk TV Companion 1.2.0 or higher.

3. Configure Splunk Secure Gateway to point at Private Spacebridge

Configure the securegateway.conf file and client devices to point to the Private Spacebridge domain:

  1. Create the file $SPLUNK_HOME/etc/apps/splunk_secure_gateway/local/securegateway.conf.
  2. Add to the newly created file the following lines, using the HTTP domain that you created when configuring your Kubernetes cluster: 
    [setup]
spacebridge_server=<HTTP spacebridge domain>
  3. Restart your Splunk platform.
  4. Verify the connection has been established. Enter the following query in the Splunk Search and Reporting app: 
    index=_internal sourcetype="secure_gateway*" connected

4. Configure client devices to point at Private Spacebridge

  1. In the Configure tab of Splunk Secure Gateway, click Generate an Instance ID File.
  2. Open the instance ID file in a text editor.
  3. After the server_directory clause, copy and paste the following endpoint_config clause so that your instance ID file looks like this: 
    {
   "server_directory" : [{
     "sign_public_key": "<public_key>",
     "encrypt_public_key": "<public_key>",
     "deployment_name": "<name>",
     "mdm_sign_private_key": "<private_key>",    
     "login_type": <login_type>,
     "instance_url": <saml_url>,
"custom_endpoint_id" : <id_string>}
   ],
 
   "endpoint_config" : {
     "custom_endpoint_id" : <id_string>,
     "custom_endpoint_hostname" : <url_string>,
     "custom_endpoint_grpc_hostname" : <url_string>,
     "client_cert_required" : <true/false>}
}
  4. Edit the values for the following fields in the instance ID file:
    Field Type Value
    custom_endpoint_id String A user-friendly name for the Private Spacebridge instance.
    custom_endpoint_hostname String HTTP domain that you created when configuring your Kubernetes cluster.
    custom_endpoint_grpc_hostname String Hostname for registered devices to get dashboard data from.
    client_cert_required Bool Determines whether the user must have a valid client certificate installed. Defaults to true. Mark false for the duration of the beta program.
  5. Save the file.
  6. Add the instance ID file to your MDM provider. See Add the instance ID to your MDM provider in the Administer Splunk Secure Gateway manual.

Optionally, you can edit more fields in the instance ID file to configure your deployment. See Configure your Private Spacebridge deployment to learn more.

5. Register client devices

Register the client devices that are using the Connected Experiences apps with your Splunk platform. See the following documentation to log into your Splunk Platform from the app you're using:

App Documentation
Splunk Mobile, Splunk AR, or Splunk for iPad Register an MDM-distributed device
Splunk TV for Android and Fire TV Log into a Splunk platform instance from your Android TV or Fire TV using Private Spacebridge
Splunk TV for Apple TV. Log into a Splunk platform instance from your Apple TV using Private Spacebridge
Last modified on 17 December, 2021
PREVIOUS
About Private Spacebridge 		  NEXT
Configure your Private Spacebridge deployment

This documentation applies to the following versions of Splunk® Private Spacebridge: 1.0.0

Was this documentation topic helpful?


You must be logged into splunk.com in order to post comments. Log in now.

Please try to keep this discussion focused on the content covered in this documentation topic. If you have a more general question about Splunk functionality or are experiencing a difficulty with Splunk, consider posting a question to Splunkbase Answers.

0 out of 1000 Characters