VMware Aria Operations for Logs uses specific required services, ports, and external interfaces.

To view information about the ports and protocols of VMware Aria Operations for Logs, see the VMware Ports and Protocols tool.

Communication Ports

VMware Aria Operations for Logs uses the communication ports and protocols listed in the Ports and Protocols tool. The required ports are organized based on whether they are required for sources, for the user interface, between clusters, for external services, or whether a firewall can safely block them. Some ports are used only if you enable the corresponding integration.

Note: VMware Aria Operations for Logs does not support WAN clustering (also called geo-clustering, high-availability clustering, or remote clustering). All nodes in the cluster should be deployed in the same Layer 2 LAN. Also, communication ports must be opened between nodes for proper exchange of information.
VMware Aria Operations for Logs network traffic has several sources.
Admin Workstation
The machine that an administrator uses to manage the VMware Aria Operations for Logs virtual appliance remotely.
User Workstation
The machine on which a VMware Aria Operations for Logs user uses a browser to access the Web interface of VMware Aria Operations for Logs.
System sending logs
The endpoint that sends logs to VMware Aria Operations for Logs for analysis and search. For example, endpoints include ESXi hosts, virtual machines or any system with an IP address.
VMware Aria Operations for Logs Agents
The agent that resides on a Windows or Linux machine and sends operating system events and logs to VMware Aria Operations for Logs over APIs.
VMware Aria Operations for Logs appliance
Any VMware Aria Operations for Logs virtual appliance, primary, or worker where the VMware Aria Operations for Logs services reside. The base operating system of the appliance is SUSE 11 SP3.

Ports Required for Sources Sending Data

These ports must be open to network traffic from sources that send data to VMware Aria Operations for Logs, both for connections from outside the cluster and connections load-balanced between cluster nodes.

Ports Required for the User Interface

These ports must be open to network traffic that must use the VMware Aria Operations for Logs user interface, both for connections outside the cluster and connections load-balanced between cluster nodes.

Ports Required Between Cluster Nodes

These ports should only be open on a VMware Aria Operations for Logs primary node for network access from worker nodes for maximum security. These ports are in addition to the ports used for sources and UI traffic that are load-balanced between cluster nodes.

Ports Required for External Services

These ports must be open for outbound network traffic from VMware Aria Operations for Logs cluster nodes to remote services.