To protect sensitive information gathered by Log Insight, place the server or servers on a management network segment protected by a firewall from the rest of your internal network.

The following ports need to be open to network traffic from sources that send data to Log Insight.

Port

Protocol

514/UDP, 514/TCP

Syslog

1514/TCP, 6514/TCP

Syslog-TLS (SSL)

9000/TCP

Log Insight Ingestion API

The following ports need to be open to network traffic that needs to use the Log Insight UI.

Port

Protocol

80/TCP

HTTP

443/TCP

HTTPS

The following set of ports should only be open on a Log Insight master node for network access from worker nodes for maximum security.

Port

Protocol

16520:16580/TCP

Thrift RPC

59778/TCP

log4j server

12543/TCP

database server