Prerequisites applicable for Log360

Before starting Log360 in your environment, ensure that the following are taken care of.

 

Ports required for Log360

The following port has to be open in Log360 for Elasticsearch.

Port Number

Port Usage

9322 (TCP)

Communication with Elasticsearch server

 

Ports required for ADAudit Plus

The following ports need to be opened for event collection:

Port Number(s)

Port Usage

389

Communication with LDAP protocol

135

Communication with RPC

445,135

Communication with NetBIOS Session Service

 

The following ports are needed to access ADAudit Plus:

Port Number

Port Usage

8081

HTTP

8444

HTTPS

 

 

Ports required for EventLog Analyzer

EventLog Analyzer requires the below mentioned ports to be opened on the server:

Port Number(s)

Port Usage

8400 (TCP)

Web server port

513, 514 (UDP)

Syslog listener port

514 (TCP)

Syslog listener port

33335 (TCP)

PostgreSQL/MS SQL database port

 

Agentless log collection:

The below mentioned ports need to be opened on the server and the remote host machine for agentless log collection to be enabled.

EventLog Analyzer uses the following ports for WMI, RPC, and DCOM.

Port Number(s)

Port Usage

135, 445, 139 (TCP)

WMI, DCOM, RPC

49152-65534 (TCP)

WMI, DCOM, RPC

 

Agent-based Log collection:

EventLog Analyzer uses the following ports for local agent to server UDP communication.

Port Number(s)

Port Usage

5000, 5001, 5002 (UDP)

UDP ports for EventLog Analyzer local agent-server communication

EventLog Analyzer uses the following ports for remote agent to server TCP communication: 

Port Number

Port Usage

8400 (TCP)

TCP port for EventLog Analyzer remote agent-server communication

 

For IBM AS/400

The below mentioned ports need to be opened on the server and the remote host machine.

Port Number(s)

Port Usage

446-449, 8470-8476, 9470-9476 (TCP)

Keep the mentioned ports opened for access to IBM AS/400 machines

 

Ports required for O365 Manager Plus

The following ports need to be opened for event collection:

Port Number

Port Usage

80 (TCP) (HTTP)

Communication with Exchange and Microsoft Online

443 (TCP) (HTTPS)

Communication with Exchange and Microsoft Online (SSL)

 

The following ports are needed to access O365 Manager Plus:

Port Number

Port Usage

8365 (TCP) (HTTP)

Default product port

9365 (TCP) (HTTPS)

Default product port (SSL)

 

Ports required for Exchange Reporter Plus

The following ports need to be opened for the product to communicate with Exchange Servers:

Port Number

Port Usage

135 (TCP)

RPC

5985 (TCP)

Windows PowerShell Default psSession

5986 (TCP) (HTTPS)

Windows PowerShell Default psSession SSL

80 (TCP)

PowerShell

443 (TCP) (HTTPS)

PowerShell SSL

 

The following ports need to be opened for the product to communicate with Active Directory:

Port Number

Port Usage

389 (TCP)

LDAP

636 (TCP) (HTTPS)

LDAP SSL

3268 (TCP)

LDAP GC

3269 (TCP) (HTTPS)

LDAP GC SSL

53 (TCP)

DNS

88 (TCP)

Kerberos

139 (TCP)

NetBIOS

 

The following ports are needed for Exchange Reporter Plus:

Port Number

Port Usage

8181

HTTPS

3309

ERP product database

 

Ports required for ADManager Plus

The following ports are required for ADManager Plus:

Port Number

Port Usage

33306

Communication with database

31000

Java wrapper service

22

Secure Shell (SSH)

8080/8443

Web server

2000

Email

389/639

LDAP/LDAPS

80

Exchange server

80,443

G Suite, Office365

3268

LDAP search for Global Catalog (GC)

 

Ports required for Cloud Security Plus

The following ports are needed to access Cloud Security Plus:

Port Number

Port Usage

8055

HTTP

8056

HTTPS

514

Default Syslog listener

25

Default mail server SMTP

33355

PostgreSQL/MS SQL database

80, 443

Clouds and their data source

9300-9400 (any one TCP port)
9200-9300 (any one HTTP port)

Elastic Search