When needing to restrict communications to the AXA server when processing Log Analytics data coming from UIM or syslog reporting directly to the server, various ports need to be opened for communication so that the data can be reported successfully.
Environment
Written related to AXA 17.3 but valid for other versions of AXA supporting Log Analytics
Resolution
This is a list of the required port configurations, TCP bi-directional where not specified:
Component
Port
Further information
ElasticSearch
9200
Open this port between AO Analytics - Base Platform and the location of the log_monitoring_service probe
Kafka
9092
Open this port between AO Analytics - Base Platform and the location of the axa_log_gateway probe
Log Collector
6514
Open this port for agentless logs such as syslog and eventlogs.
Log Collector
6060
Open this port for ingestion APIs (logs, metrics, alarms, events, and inventory)
Log Collector UDP
5140
Open this port for agentless logs such as syslog and eventlogs.
Additional Information
These are port references for the communications between components of the product itself: https://docops.ca.com/ca-app-experience-analytics/17-3/en/getting-started/sizing-guidelines-for-ca-app-experience-analytics/hardware-requirements#HardwareRequirements-PortReference