Article directory
Preface
Splunk Enterprise is a powerful machine data management platform that helps customers analyze, search, and visualize data. Machine data refers to data generated by an enterprise's internal IT infrastructure or internal websites, applications, sensors, network devices, etc. This data is very important to businesses as it helps them increase productivity, create more profits, and improve security levels.
In a few simple steps, combine the cpolar intranet penetration tool to achieve remote access to the local Splunk Enterprise management platform in any browser anytime, anywhere to improve work efficiency. For other system versions, the same setting method is used!
1. Build Splunk Enterprise
Here we use the free version from the official website, which is installed on the Windows platform.
After downloading, double-click the downloaded installation package and install it all the way. During the process, set the username and password to log in to the management platform. After the installation is successful, enter it in the browser http://127.0.0.1:8000/to see the Splunk Enterprise login interface. Enter the account and password set during the installation process. After you can log in and local access is correct, install cpolar below to achieve remote access.
2. Windows installation cpolar
Visit the cpolar official website, register an account, and then download and install the client. For specific installation instructions, please refer to the official website documentation tutorial.
cpolar official website: https://www.cpolar.com/
- Windows system: After downloading the installation package from the official website, double-click the installation package and install it by default.
- Linux system: supports one-click automatic installation script. For details, please refer to the official website documentation - Getting Started Guide
After cpolar is successfully installed, access the local 9200 port [ http://localhost:9200 ] on the browser and log in using the cpolar account.
3. Create a Splunk Enterprise public network access address
After logging in, click Tunnel Management - Create Tunnel on the left dashboard to create an 8000 http tunnel.
- Tunnel name: You can customize the name. Be careful not to duplicate the existing tunnel name.
- Protocol: Select http
- Local address: 8000 (local Splunk Enterprise port)
- Domain name type: Choose a random domain name for free
- Region: Select China vip
Click创建
After the tunnel is successfully created, click the status on the left - Online tunnel list to view the generated public network access address. There are two access methods, one is http and https, both methods can be accessed!
4. Remote access to Splunk Enterprise services
Open the browser and use the cpolar https public network address to access it. You can see that the access is successful. In this way, the public network address accessed by the browser of a remote or any device has been set. To access the new address, you may need to log in again!
5. Fixed remote address
Since the tunnel created using cpolar above uses a random public network address, it will change randomly within 24 hours, which is not conducive to long-term remote access. Therefore, we can configure a second-level subdomain name for it. This address is a fixed address and will not change randomly [ps: cpolar.cn has been filed]
Note that you need to upgrade the cpolar package to a basic package or above, and the bandwidth corresponding to each package is different. [cpolar.cn has been registered]
Log in to the cpolar official website backend , click Reserve on the left, select to reserve the second-level subdomain name, set a second-level subdomain name, click Reserve, and copy the reserved second-level subdomain name after the reservation is successful.
After the reservation is successful, copy the reserved second-level subdomain name address
Log in to the cpolar web UI management interface, click Tunnel Management - Tunnel List on the left dashboard, find the tunnel you want to configure, and click Edit on the right
Modify the tunnel information and configure the successfully reserved second-level subdomain name into the tunnel.
- Domain name type: Select a second-level subdomain name
- Sub Domain: Fill in the successfully reserved second-level subdomain name
Click更新
After the update is completed, open the online tunnel list. At this time, you can see that the public network address has changed and the address name has become a reserved and fixed second-level subdomain name.
After the address is set, use the fixed domain name public network https address to access. You can see that the access is also successful. In this way, a permanent fixed public network address is set. To access the new address domain name, you need to log in again!
