To protect sensitive information gathered by VMware Aria Operations for Logs, place the server or servers on a management network segment protected by a firewall from the rest of your internal network.

Required Ports

The following ports must be open to network traffic from sources that send data to VMware Aria Operations for Logs.
Port Protocol
514/UDP, 514/TCP Syslog
1514/TCP, 6514/TCP Syslog-TLS (SSL)
9000/TCP VMware Aria Operations for Logs Ingestion API
9543/TCP VMware Aria Operations for Logs Ingestion API - TLS (SSL)
The following ports must be open to network traffic that must use the VMware Aria Operations for Logs UI.
Port Protocol
80/TCP HTTP
443/TCP HTTPS
The following set of ports should only be open on a VMware Aria Operations for Logs primary node for network access from worker nodes for maximum security.
Port Protocol
16520:16580/TCP Thrift RPC
59778/TCP log4j server
12543/TCP database server

To view information about the ports and protocols of VMware Aria Operations for Logs, see the VMware Ports and Protocols tool.