AXA Log Analytics firewall port configuration

book

Article ID: 129439

calendar_today

Updated On:

Products

CA App Experience Analytics

Issue/Introduction

When needing to restrict communications to the AXA server when processing Log Analytics data coming from UIM or syslog reporting directly to the server, various ports need to be opened for communication so that the data can be reported successfully.

Environment

Written related to AXA 17.3 but valid for other versions of AXA supporting Log Analytics

Resolution

This is a list of the required port configurations, TCP bi-directional where not specified:
 
ComponentPortFurther information
ElasticSearch9200Open this port between AO Analytics - Base Platform and the location of the log_monitoring_service probe
Kafka9092Open this port between AO Analytics - Base Platform and the location of the axa_log_gateway probe
Log Collector6514Open this port for agentless logs such as syslog and eventlogs.
Log Collector6060Open this port for ingestion APIs (logs, metrics, alarms, events, and inventory)
Log Collector UDP5140Open this port for agentless logs such as syslog and eventlogs.

Additional Information

These are port references for the communications between components of the product itself:
https://docops.ca.com/ca-app-experience-analytics/17-3/en/getting-started/sizing-guidelines-for-ca-app-experience-analytics/hardware-requirements#HardwareRequirements-PortReference