Just Published! Threat Report: Exposing Malware in Linux-Based Multi-Cloud Environments | Download Now

Cb Defense: What firewall ports need to be open for the SIEM Connector?

Cb Defense: What firewall ports need to be open for the SIEM Connector?

Environment

  • Cb Defense SIEM Connector

Question

What firewall ports are required to be open for the SIEM Connector traffic?

Answer

The port that needs to be opened is self-configured in the cb-defense-syslog.conf file. On the tcp_out or udp_out line, the syslog server is configured here, with the port of your choosing. This is the port that will need to be opened on the firewall.

Additional Notes

  • Typically, we see Port 514 used for TCP or UDP, and Port 6514 for TLS+TCP.
  • Any port can be configured and used.

Related Content


Was this article helpful? Yes No
No ratings
Article Information
Author:
Creation Date:
‎11-27-2018
Views:
1414
Contributors