Get started with Splunk Secure Gateway
Manage your Connected Experiences mobile app deployment and allow users to register their devices to a Splunk platform instance. Splunk Secure Gateway is a default-enabled app in Splunk Cloud version 8.1.2103 and higher and Splunk Enterprise version 8.1.0 and higher.
To learn more about Splunk Secure Gateway, see About Splunk Secure Gateway.
Spacebridge has been certified to meet SOC2, Type 2 and ISO 27001 standards. Splunk Cloud customers who have specifically purchased a HIPAA or PCI-DSS regulated environment may transmit the applicable regulated data to Spacebridge as it is HIPAA and PCI-DSS compliant. Spacebridge may not be used in environments that require the FIPS 140-2 standard for cryptographic modules. See Splunk Secure Gateway and Spacebridge Compliance Standards to learn more.
Requirements
Complete the following before using Splunk Secure Gateway:
- Opt in to using Python 3. See Python interpreter settings in the Splunk Enterprise Python 3 Migration manual.
- Have the admin role.
- Agree to the opt-in notice that appears when you first launch Splunk Secure Gateway.
- Make sure that KV store is running. See KV store troubleshooting tools and Back up and restore KV store in the Splunk Enterprise Admin Manual to learn how to check the status of KV store and for KV store best practices.
See the following requirements for using Splunk Secure Gateway.
Component | Requirements |
---|---|
Operating system | Windows or Linux operating systems |
Hardware | Minimum processor size of 4 cores and 16GB of ram. The minimum AWS instance size is m5.xlarge. |
Splunk platform version |
Splunk Secure Gateway requires Splunk Enterprise version 8.1.0 or higher. |
Splunk Platform role | Admin, sc_admin, power, and normal users can use Splunk Secure Gateway if they have the securegateway role. |
Directory Service | Splunk Secure Gateway supports SAML authentication and local Splunk accounts. See Set up SAML authentication for Splunk Secure Gateway for more information about setting up SAML authentication. |
Proxy server requirements
See (Optional) Use a proxy server with Splunk Secure Gateway to set up a proxy server with Splunk Secure Gateway.
Agree to the opt-in notice
To use Splunk Secure Gateway, agree to the opt-in compliance notice when you first click the Splunk Secure Gateway app. You must be an admin to agree to this compliance notice. To learn more about compliance details, see Splunk Secure Gateway and Spacebridge compliance standards.
Non-admin users will see a general information notice about Splunk Secure Gateway when they click the app until an admin agrees to this opt-in notice.
Migrate from Splunk Cloud Gateway to Splunk Secure Gateway
If you're already using Splunk Cloud Gateway, copy your data from Splunk Cloud Gateway over to Splunk Secure Gateway. See Migrate from Splunk Secure Gateway to Splunk Secure Gateway.
After migrating from Splunk Cloud Gateway to Splunk Secure Gateway, restart your Splunk platform.
Configure Splunk Secure Gateway permissions
A user with the admin or sc_admin role must configure the appropriate permissions in Splunk Web to enable users to use Splunk Secure Gateway. Users must have the securegateway role to access Splunk Secure Gateway and register their devices.
the securegateway role
Users must have the securegateway role to access Splunk Secure Gateway and register their devices. Users with the securegateway role can view and manage their own devices on the Devices page.
The securegateway role has the following capabilities:
Capability | Description |
---|---|
securegateway_read |
|
securegateway_write |
|
A user with the admin or sc_admin roles can modify these capabilities per user using the Splunk role-based access control permissions system.
The admin and sc_admin role
The admin and sc_admin roles inherit the securegateway role by default. Only users with the admin or sc_admin role can do the following:
- Opt into using Splunk Secure Gateway on first launch. Non-admin users with the securegateway role can use Splunk Secure Gateway afterward.
- Have full access to the Devices and Configure page
- Assign and edit roles
- Select which apps to show dashboards from in the Connected Experiences apps. To learn how, see Choose which Splunk apps to show dashboards from in the mobile apps.
Assign a user the securegateway role
The Connected Experiences apps provide role-based access control. Admins can edit roles and capabilities to manage who can see what data. See About configuring role-based user access in the Splunk Enterprise Securing the Splunk Platform manual to learn more about role-based access control.
To add a user from the securegateway role, do the following steps:
- Log into your Splunk platform as a user with the Splunk admin role.
- In Splunk Web, click Settings > Access Controls.
- Click Users.
- Click Edit next to the user you want to update.
- In the Assign to roles section, click securegateway to add the role.
- Click Save.
See Add and edit users in the Splunk Enterprise Securing the Splunk Platform manual for more information about roles.
About Splunk Secure Gateway | Use a proxy server with Splunk Secure Gateway |
This documentation applies to the following versions of Splunk® Secure Gateway: 2.5.6 Cloud Only, 2.5.7
Feedback submitted, thanks!