Deployment Architecture

Deployment server firewall rules


I am planning to use the deployment server functionality of splunk 4.2 . I am trying to in down all the firewall rules and direction that will be required to make all the components of splunk work.

is the deployment server a push from server to client, or are there client to server initiated communications (call home, checkups)? Do these use the same 8089 (or configured) port that a distributed search head and indexer would use to communicate ?

what about the master license server? What ports does it use to transfer/poll for licensing information? What is the direction of that network flow ? (pull from master or push from slave?)


Re: Deployment server firewall rules


With respect to deployment client-server, the client is responsible for contacting the server. The port for this is configurable based on splunkd of your deployment server but would default to 8089.

See also:

With respect to License slaves I believe they work similar to deployment clients (contacting License master via splunkd 8089 by default).

See also:

View solution in original post