All Splunk Alerts log into another monitoring tool called Zenoss.
A shell script (running one splunk search head) passes all the information as an alert is triggered, & sends to zenoss at port 8081,.
Recently firewall change led to blocking all ports.
Now which ports should I request to be enable so that the same shell script is able to communicates & send data to zenoss:8081 ?
There is no way to know which port will be used on the sending (Splunk) side, other than it will be greater than 1024. Outgoing ports are assigned as connections are made so they can't be determined in advance. Ask for all ports (or all > 1024) on the Splunk side and 8081 on the Zenoss side.
There is no way to know which port will be used on the sending (Splunk) side, other than it will be greater than 1024. Outgoing ports are assigned as connections are made so they can't be determined in advance. Ask for all ports (or all > 1024) on the Splunk side and 8081 on the Zenoss side.