Allow Splunk Observability Cloud services in your network 🔗
A number of different services make up Splunk Observability Cloud. If your organization has stringent networking security policies that apply to sending data to third parties, use one of the following methods to ensure network access to Splunk Observability Cloud services:
Note
If you write to http://domain/path, the request must happen on port 80. Similarly, if you write to https://domain/path, the request must happen on port 443. If you want to use a different port, you must use http[s]://domain:port/path
Use a simple HTTP/HTTPS proxy 🔗
If you can get out to the internet using a proxy, then using an HTTP/HTTPS proxy is your simplest option.
Ensure that you give the proxy the ability to resolve the network names and make outbound HTTP/HTTPS network connections to the URLs listed in URLs to allow in your network or the domains listed in Domains to allow in your network.
Use the Splunk Distribution of OpenTelemetry Collector 🔗
Use the Splunk Distribution of OpenTelemetry Collector in gateway mode. You can forward metrics locally to the Splunk Distribution of OpenTelemetry Collector, which serves as your local store-and-forward service for telemetry.
Ensure that you give the Splunk Distribution of OpenTelemetry Collector the ability to resolve the network names and make outbound HTTPS network connections to the URLs listed in URLs to allow in your network or the domains listed in Domains to allow in your network. Verify also the list of exposed ports and endpoints.
Configure proxy settings 🔗
If you need to use a proxy, set one of the following environment variables according to your needs:
HTTP_PROXY: The HTTP proxy addressHTTPS_PROXY: The HTTPS proxy addressNO_PROXY: If you have a proxy, this option sets addresses that don’t use the proxy
The following examples show how to set the HTTP_PROXY and HTTPS_PROXY environment variable for hosts and containers:
$Env:HTTP_PROXY = "proxy.address:<port>"
$Env:HTTPS_PROXY = "proxy.address:<port>"
export HTTPS_PROXY = "proxy.address:<port>"
export HTTPS_PROXY = "proxy.address:<port>"
services:
otelcol:
environment:
- HTTP_PROXY='proxy.address:<port>'
- HTTPS_PROXY='proxy.address:<port>'
-e HTTP_PROXY=proxy.address:<port>
-e HTTPS_PROXY=proxy.address:<port>
env:
- name: HTTP_PROXY
value: 'proxy.address:<port>'
- name: HTTPS_PROXY
value: 'proxy.address:<port>'
- name: Install Splunk OpenTelemetry Collector
hosts: all
become: 'yes'
tasks:
- name: Include splunk_otel_collector
include_role:
name: signalfx.splunk_otel_collector.collector
vars:
splunk_access_token: YOUR_ACCESS_TOKEN
splunk_realm: SPLUNK_REALM
# Set the proxy address, respectively for http_proxy and https_proxy environment variables
# It must be a full URL like http://user:[email protected] Not used by Ansible itself.
splunk_otel_collector_proxy_http: proxy.address:<port>
splunk_otel_collector_proxy_https: proxy.address:<port>
# Set the ip or hosts that don't use proxy settings. Only used if splunk_otel_collector_proxy_http
# or splunk_otel_collector_proxy_https is defined. Default is localhost,127.0.0.1,::1)
splunk_otel_collector_no_proxy): 127.0.0.1
Restart the Collector after adding these environment variables to your configuration.
Replace the SignalFx Gateway with the Splunk Distribution of OpenTelemetry Collector 🔗
If you are using the SignalFx Gateway, replace it with the Splunk Distribution of OpenTelemetry Collector running in gateway mode.
URLs to allow in your network 🔗
Note
Note about realms
A realm is a self-contained deployment of Splunk Observability Cloud in which your organization is hosted. Different realms have different API endpoints. For example, the endpoint for sending data in the us1 realm is https://ingest.us1.signalfx.com, while the endpoint for sending data in the eu0 realm is
https://ingest.eu0.signalfx.com.
When you see a placeholder realm name in the documentation, such as <YOUR_REALM>, replace it with your actual realm name. To find your realm name, open the left navigation menu in Observability Cloud, select , and select your username. The realm name appears in the Organizations section. If you don’t include the realm name when specifying an endpoint, Observability Cloud defaults to the us0 realm.
If your organization’s networking security policies require you to individually allow services delivered over the internet, ensure that you allow the following service URLs on your network:
\*.signalfx.com
\*.<YOUR_REALM>.signalfx.com
If you’re unable to allow all URLs as shown here, see Domains to allow in your network.
Domains to allow in your network 🔗
If you’re unable to allow all URLs as described in URLs to allow in your network, ensure that you allow the following domains on your network:
# Observability Cloud API base URL (https://dev.splunk.com/observability/docs/apibasics/api_list)
api.<YOUR_REALM>.signalfx.com
# Splunk Observability Cloud user interface
app.<YOUR_REALM>.signalfx.com
customer-api.<YOUR_REALM>.signalfx.com
# CDN for Splunk Observability Cloud files and installers
dl.signalfx.com
# Backfill API base URL (https://dev.splunk.com/observability/reference/api/backfill/latest)
backfill.<YOUR_REALM>.signalfx.com
# Data ingest API base URL (https://dev.splunk.com/observability/docs/datamodel/ingest/)
ingest.<YOUR_REALM>.signalfx.com
# SignalFlow API base URL (https://dev.splunk.com/observability/reference/api/signalflow/latest)
stream.<YOUR_REALM>.signalfx.com
# RUM ingest endpoint
rum-ingest.<YOUR_REALM>.signalfx.com/v1/rum
# For td-agent/Fluentd on Linux and Windows
packages.treasuredata.com
# For DEB/RPM collector packages
splunk.jfrog.io
Note
For more information, see the Endpoint Summary topic in the Observability Cloud Developer Guide.