Communication ports and protocols

This topic lists the default ports and protocols used by the various product components, depending on user roles and permissions.

The following information is useful for one-time configurations, daily operations, and understanding how various product components communicate with one another. This information can also be used to decide which ports to open, depending on your security requirements. 

Note

For a single server deployment, the Indexer and Configuration Database ports are not accessible from other hosts (by default). In this case, you do not need to set up a firewall for these ports.

Related topics

Architecture

Planning


From To Default Port Protocol
Daily operations
CLI/web browser Console Server 9797
(configurable)
HTTP
CLI/web browser Console Server  9443
(configurable)
HTTPS 
Data collection
Collection Agent

Collection Station

(Configuration Channel)

8080
(configurable)
HTTP
Collection Agent

Collection Station

(Payload Service)

41414
(configurable)
Avro

Collection Station

OR

Collection Agent

Managed node from which data must be collected remotely

(Monitor File over SSH and Monitor Script over SSH data collector)

22 SSH

Collection Station

OR

Collection Agent

Managed node from which data must be collected remotely

(Monitor file over windows share data collector)

445 SMB

Collection Station

OR

Collection Agent

Managed node from which data must be collected remotely.

(Remote windows event data collector)

5985 PowerShell Remoting Protocol

Managed node from which data must be collected remotely

(TCP/UDP data collector)

Collection Station

OR

Collection Agent

514

(Configurable)
TCP/UDP

Managed node from which data must be collected remotely

(HTTP/HTTPS data collector)

Collection Station

OR

Collection Agent

8888

(Configurable)
HTTP/HTTPS

Internal communications between the product components

*The following ports are internal and do not require any firewall changes for a single-server deployment.

Console Server Search 9797
(configurable)
HTTP
Search 9443
(configurable)
HTTPS
Console Server Configuration Database 9999
(configurable)
JDBC
Search Configuration Database 9999
(configurable)
JDBC
Collection Station Configuration Database 9999
(configurable)
JDBC
Console Server Indexer 9300
(configurable)
TCP
Search Indexer 9300
(configurable)
TCP
Collection Station Indexer 9300
(configurable)
TCP
Console Server Collection Station

8080

(configurable)

HTTP
Communication between product components and integrations
Search

SMTP server

(SMTP server used for sending email)

25 SMTP
Console Server

SMTP server

(SMTP server used for sending email)

25 SMTP
Search

ProactiveNet server

(Operations Console)

80

(configurable)

HTTP
Search TrueSight Presentation Server

443

(configurable)

HTTPS
Collection Station

ProactiveNet server

(Event management)

1828
(configurable)
TCP
Search

ProactiveNet server

(Event management)

Console Server


Remedy Single-Sign On server





448

(Windows)

HTTPS

88

(Windows)

HTTP

8048

(Linux)

HTTPS

8088

(Linux)

HTTP
Console Server TrueSight Presentation Server

443

(Windows)

HTTPS

80

(Windows)

HTTP

8043

(Linux)

HTTPS

8080

(Linux)

HTTP

Search

Remedy AR Server

8008

(configurable)

HTTP

8443

(configurable)

HTTPS
Internal firewalls to be opened for Indexer communications
Indexer

Collection Station, Console Server, and Search

9305 to 9399note1 TCP

1Note: Ensure that ports 9305, 9306, and 9307 are open. These ports are used in the order in which the Collection Station, Console Server, and Search services are started. Keep in mind, that if the Collection Station, Console Server, and Search components are located on the same host, then all the three ports are used. However, if the components are on separate hosts, then these components might use the same 9305 port.

Example: On a single server, suppose the Collection Station was started first, followed by the Console Server, and finally followed by the Search component. In this scenario, the ports will be used in the following order:

  • 9305: Used for communicating with the Collection Station.
  • 9306: Used for communicating with the Console Server.
  • 9307: Used for communicating with the Search component.

You need to ensure that the preceding ports are not in use. If one or more of these ports are already in use, the next available ports will be used. These ports can fall in the range, 9305 to 9399. If you are not sure whether one or more of these ports is in use, you can open all the ports in the available range.

For more information about the ports required for an HTTPS connection, see the instructions for  Configuring a secured connection

Was this page helpful? Yes No Submitting... Thank you

Comments