Destinations for Remote Data Stores

Orbital integrates with Amazon S3, Azure, and Splunk. When selecting destinations, the required information is gathered to authenticate based on each destination's protocol. When creating and sending out the result payloads, Orbital will attempt to:

• Send an HTTP POST and expect a 200 OK response code.

• Send the Authentication: Bearer <token> header when a token is provided.

• Validate the server certificate using fingerprint or known CAs when a fingerprint is not provided.

Results can be sent to a remote data store over an HTTPS connection for devices with a valid and signed TLS certificate. For self-signed certificates, the SHA-256 fingerprint can be provided, which Orbital will use to verify the certificate presented by the remote host.

Destinations Setup Details

Amazon S3

• If you are unsure, use the default URL s3.amazonaws.com.

• The user/policy whose credentials are used must have the necessary permissions:

  • ListBucket(s) for at least the given bucket (used to determine if bucket exists)

  • PutObject

For more details, refer to the Amazon S3 documentation.

Azure

To set up an Azure remote data store, you need to connect it to Orbital. The parameters required to connect Orbital to Azure:

• The Azure container’s URL.

• The Azure container’s name.

• The Azure container’s SAS token.

Splunk

• When configuring the HTTP Event Collector in Splunk, select the _json sourcetype.

• Users can use the search term source="orbital" to find Orbital data inside Splunk.

For more details, refer to the Splunk documentation.

Regional NAT IP Addresses

Region	1st IP Address	2nd IP Address	3rd IP Address
EU	52.29.47.197	52.57.222.67	52.58.172.218
NAM	34.223.219.240	35.160.108.105	52.11.13.222
APJC	52.194.143.206	52.69.138.67	54.95.9.136

Regional NAT IP addresses make use of random high port numbers.

More Info

• Result Notifications

• The Remote Data Stores Page

• Setting Up Remote Data Stores