Get Splunk Secure Gateway
Manage your Connected Experiences mobile app deployment and allow users to register their devices to a Splunk Enterprise instance. Enable Splunk Secure Gateway in the Manage Apps page of Splunk web. Splunk Cloud currently doesn't support Splunk Secure Gateway.
Splunk Secure Gateway is installed on all members of the search head cluster.
To learn more about Splunk Secure Gateway, see About Splunk Secure Gateway.
After migrating from Splunk Cloud Gateway to Splunk Secure Gateway, restart your Splunk platform.
Prerequisites and Requirements
Complete the following before using Splunk Secure Gateway:
- Opt in to using Python 3. See Python interpreter settings in the Splunk Enterprise Python 3 Migration manual.
- Have the securegateway role.
- Make sure that KV store is running. See KV store troubleshooting tools and Back up and restore KV store in the Splunk Enterprise Admin Manual to learn how to check the status of KV store and for KV store best practices.
See the following requirements for using Splunk Secure Gateway.
Component | Requirements |
---|---|
Operating system | Windows or Linux operating systems |
Hardware | Minimum processor size of 4 cores and 16GB of ram. The minimum AWS instance size is m5.xlarge. |
Splunk platform version |
Splunk Secure Gateway requires Splunk Enterprise version 8.1.0 or higher. Splunk Cloud does not support Splunk Secure Gateway. |
Splunk Platform role | Admin, sc_admin, power, and normal users can use Splunk Secure Gateway if they have the securegateway role. |
Directory Service | Splunk Secure Gateway supports SAML authentication and local Splunk accounts. See Set up SAML authentication for Splunk Secure Gateway for more information about setting up SAML authentication. |
Proxy server requirements
See (Optional) Use a proxy server with Splunk Secure Gateway to set up a proxy server with Splunk Secure Gateway.
Enable Splunk Secure Gateway for Splunk Enterprise
Splunk Enterprise version 8.1.0 and higher includes Splunk Secure Gateway, so you don't need to install it from Splunkbase. Enable it in the Manage Apps page of Splunk web:
- Select the Apps dropdown tab > Manage Apps. Or select the gear icon from the Splunk homepage.
- Click Enable next to Splunk Secure Gateway.
Migrate from Splunk Cloud Gateway to Splunk Secure Gateway
If you're already using Splunk Cloud Gateway, copy your data from Splunk Cloud Gateway over to Splunk Secure Gateway. See Migrate from Splunk Secure Gateway to Splunk Secure Gateway.
Configure Splunk Secure Gateway permissions
Admins must configure the appropriate permissions in Splunk Web to enable users to use Splunk Secure Gateway. Users must have the securegateway role to register their devices with the authentication code method or to use any other feature of Splunk Secure Gateway.
Only users with the admin role can use the Configure tab, edit roles, and select apps to show dashboards in the Connected Experiences apps. By default, admins have the securegateway_read and securegateway_write capabilities, and therefore have full access to the Splunk Secure Gateway app.
The Connected Experiences apps provide role-based access control. You can edit roles and capabilities to manage who can see what data. See About configuring role-based user access in the Splunk Enterprise Securing the Splunk Platform manual to learn more about role-based access control.
To add a user from the securegateway role, do the following steps:
- Log into your Splunk platform as a user with the Splunk admin role.
- In Splunk Web, click Settings > Access Controls.
- Click Users.
- Click Edit next to the user you want to update.
- In the Assign to roles section, click securegateway to add the role.
- Click Save.
See Add and edit users in the Splunk Enterprise Securing the Splunk Platform manual for more information about roles.
About Splunk Secure Gateway | Use a proxy server with Splunk Secure Gateway |
This documentation applies to the following versions of Splunk® Secure Gateway: 2.4.0, 2.0.2
Feedback submitted, thanks!