Monitoring Splunk

Which ports should be opened on Splunk sever, to let splunk alerts reach zenoss application at 8081?

RichaSingh
Path Finder

All Splunk Alerts log into another monitoring tool called Zenoss.
A shell script (running one splunk search head) passes all the information as an alert is triggered, & sends to zenoss at port 8081,.
Recently firewall change led to blocking all ports.

Now which ports should I request to be enable so that the same shell script is able to communicates & send data to zenoss:8081 ?

0 Karma
1 Solution

richgalloway
SplunkTrust
SplunkTrust

There is no way to know which port will be used on the sending (Splunk) side, other than it will be greater than 1024. Outgoing ports are assigned as connections are made so they can't be determined in advance. Ask for all ports (or all > 1024) on the Splunk side and 8081 on the Zenoss side.

---
If this reply helps you, Karma would be appreciated.

View solution in original post

richgalloway
SplunkTrust
SplunkTrust

There is no way to know which port will be used on the sending (Splunk) side, other than it will be greater than 1024. Outgoing ports are assigned as connections are made so they can't be determined in advance. Ask for all ports (or all > 1024) on the Splunk side and 8081 on the Zenoss side.

---
If this reply helps you, Karma would be appreciated.
Get Updates on the Splunk Community!

Enter the Splunk Community Dashboard Challenge for Your Chance to Win!

The Splunk Community Dashboard Challenge is underway! This is your chance to showcase your skills in creating ...

.conf24 | Session Scheduler is Live!!

.conf24 is happening June 11 - 14 in Las Vegas, and we are thrilled to announce that the conference catalog ...

Introducing the Splunk Community Dashboard Challenge!

Welcome to Splunk Community Dashboard Challenge! This is your chance to showcase your skills in creating ...