고정 헤더 영역
상세 컨텐츠
본문
반응형
DBX app을 이용하여 AWS athena의 데이터를 수집하려고 했다.
Splunk Cloud기준으로 outbound 444 port가 허용되지 않았다.
1. nslookup 명령을 이용해서 IP를 찾는다. (AWS 리전은 상황에 따라서 변경)
nslookup athena.ap-northeast-2.amazonaws.com
2. outbound port를 허용한다.
https://docs.splunk.com/Documentation/SplunkCloud/9.1.2312/Config/ConfigureOutboundPorts
Configure outbound ports for Splunk Cloud Platform - Splunk Documentation
Configure outbound ports for Splunk Cloud Platform Some Splunk Cloud Platform use cases require opening an outbound port so that your deployment can establish an outbound network connection with an external resource. For example, to configure Splunk federa
docs.splunk.com
curl -X POST 'https://admin.splunk.com/dearu/adminconfig/v2/access/outbound-ports' \\n
--header 'Authorization: Bearer eyJraWQiOiJzcGx1bmsuc2VjcmV0IiwiYWxnIjoiSFM1MTIiLCJ2ZXIiOiJ2MiIsInR0eXAiOiJzdGF0aWMifQ.eyJpc3MiOiJpanVuZ0BzcGx1bmsuY29tIGZyb20gc2gtaS0wYzgxN2Y5MWNjNDc0NDgyOCIsInN1YiI6ImlqdW5nQHNwbHVuay5jb20iLCJhdWQiOiJBQ1MiLCJpZHAiOiJTcGx1bmsiLCJqdGkiOiIxMDVmNDhmMjUwMjFhNmU3NGJjZmZjYTA0MmNlMDllODEyNDM3ODNkNGRmZDY3MTI4NTFmN2U0YjA3OWI3YWU1IiwiaWF0IjoxNzExNTI4ODM0LCJleHAiOjE3MTY3MTI4MzQsIm5iciI6MTcxMTUyODgzNH0.K0yMuayL8PkyWl73bdBlkix33TIfRqMMzLynSOTfRmZ_DG_QRtt_DJX2Jgr4rz0t1-8GEy-bs3pBbU-3DyRuWg' \\n--header 'Content-Type: application/json' \\n
--data-raw '{\n "outboundPorts": [{"subnets": ["3.35.92.185/32", "52.78.10.152/32"], "port": 444}],\n "reason": "integration for DBX with athena.ap-northeast-2.amazonaws.com"\n}'당연이 Authorization 부분의 값은 위의 메뉴얼을 참고해서 변경해야 한다.
API 호출시 token은 token을 생성하여 활용해야 한다.
반응형
'Splunk > Platform' 카테고리의 다른 글
| 웹서버 이벤트 제너레이트 (0) | 2024.04.09 |
|---|---|
| AWS EventBridge to Splunk via HEC (0) | 2023.05.29 |
| 검색 조건을 추가할 때 유용 (0) | 2022.08.11 |
| Dashboard에 dropdown 사용법 (0) | 2022.08.11 |
| Multi time range in Dashboard Studio (0) | 2022.08.06 |
댓글 영역