knowledge20

Reputation: 1436

Sending application logs to Splunk Cloud securely

I am trying to send the application logs to Splunk Cloud. My application is hosted on the AKS cluster and the Splunk agent is running as a sidecar container. The application logs are sent to Splunk Cloud using an HEC token.

I know the HEC token adds a layer of security to the logs being sent to Splunk Cloud. Can anyone recommend other security measures from a network perspective that can be implemented as part of this architecture to secure the logs that are being sent to Splunk Cloud?

Upvotes: 0

Views: 230

Answers (1)

Mohamed Azarudeen Z

Reputation: 1329

Sure, let me drop you a few recommendations. Make sure that your communication with Splunk Cloud is encrypted using TLS (HTTPS).

You can implement network segmentation to isolate your AKS cluster from unauthorized access. Use firewalls and security groups to control traffic and limit access only to the necessary IP ranges.

If you are using Azure AKS, consider using Virtual Network Service Endpoints for Azure Storage and Azure Monitor.

As you can have multi-level security, you can have more than one.

Upvotes: 2
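
The answer's advice to "limit access only to the necessary IP ranges" can be expressed for the sidecar pod as a Kubernetes NetworkPolicy; this is an added example, not part of the answer or of any Splunk or Azure documentation. The namespace, pod label and CIDR are placeholders, and it assumes the AKS cluster has a network policy engine enabled and that HEC is reached over HTTPS on TCP 443.

```yaml
# Added example: egress allow-list for the pod that runs the app and the Splunk sidecar.
# Hypothetical values: namespace "my-app", label "app: my-app", and the CIDR
# 203.0.113.0/24 (a documentation range) standing in for your Splunk Cloud HEC range.
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
  name: allow-egress-splunk-hec-only
  namespace: my-app
spec:
  # Selects the whole pod; sidecar and application share one network namespace.
  podSelector:
    matchLabels:
      app: my-app
  # Once Egress is listed, any egress not matched below is denied for these pods.
  policyTypes:
    - Egress
  egress:
    # DNS lookups to cluster DNS, needed to resolve the HEC hostname.
    - to:
        - namespaceSelector:
            matchLabels:
              kubernetes.io/metadata.name: kube-system
      ports:
        - protocol: UDP
          port: 53
        - protocol: TCP
          port: 53
    # HTTPS (TLS) to the HEC endpoint range only; port 443 is an assumption,
    # use the port your HEC URL actually specifies.
    - to:
        - ipBlock:
            cidr: 203.0.113.0/24
      ports:
        - protocol: TCP
          port: 443
```

Because the policy applies to the whole pod, any other destination the application itself needs must be added as a further egress rule. NetworkPolicy matches IP ranges rather than hostnames, so the CIDR has to be kept in step with the addresses your Splunk Cloud stack resolves to.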
