VMware Aria Operations for Logs uses specific required services, ports, and external interfaces.
To view information about the ports and protocols of VMware Aria Operations for Logs, see the VMware Ports and Protocols tool.
Communication Ports
VMware Aria Operations for Logs uses the communication ports and protocols listed in the Ports and Protocols tool. The required ports are organized based on whether they are required for sources, for the user interface, between clusters, for external services, or whether a firewall can safely block them. Some ports are used only if you enable the corresponding integration.
- Admin Workstation
- The machine that an administrator uses to manage the VMware Aria Operations for Logs virtual appliance remotely.
- User Workstation
- The machine on which a VMware Aria Operations for Logs user uses a browser to access the Web interface of VMware Aria Operations for Logs.
- System sending logs
- The endpoint that sends logs to VMware Aria Operations for Logs for analysis and search. For example, endpoints include ESXi hosts, virtual machines or any system with an IP address.
- VMware Aria Operations for Logs Agents
- The agent that resides on a Windows or Linux machine and sends operating system events and logs to VMware Aria Operations for Logs over APIs.
- VMware Aria Operations for Logs appliance
- Any VMware Aria Operations for Logs virtual appliance, primary, or worker where the VMware Aria Operations for Logs services reside. The base operating system of the appliance is SUSE 11 SP3.
Ports Required for Sources Sending Data
These ports must be open to network traffic from sources that send data to VMware Aria Operations for Logs, both for connections from outside the cluster and connections load-balanced between cluster nodes.
Ports Required for the User Interface
These ports must be open to network traffic that must use the VMware Aria Operations for Logs user interface, both for connections outside the cluster and connections load-balanced between cluster nodes.
Ports Required Between Cluster Nodes
These ports should only be open on a VMware Aria Operations for Logs primary node for network access from worker nodes for maximum security. These ports are in addition to the ports used for sources and UI traffic that are load-balanced between cluster nodes.
Ports Required for External Services
These ports must be open for outbound network traffic from VMware Aria Operations for Logs cluster nodes to remote services.