- Exabeam Data Lake Architecture Overview
- Exabeam Product Deployment in On-premises or Virtual Environments
- Administrator Operations
- User Management
- Exabeam Data Lake Role-based Access Control
- Exabeam Data Lake Object-based Access Control
- Exabeam Data Lake Secured Resources Overview
- Third-Party Identity Provider Configuration
- Audit Log Management in Data Lake
- Common Access Card (CAC) Authentication
- Set Up LDAP Server
- Set Up LDAP Authentication
- Azure AD Context Enrichment
- Adding a User to Exabeam Data Lake
- User Password Policies
- User Engagement Analytics Policy
- Exabeam Threat Intelligence Service
- Threat Intelligence Service Prerequisites
- Connect to Threat Intelligence Service through a Proxy
- View Threat Intelligence Feeds
- Threat Intelligence Context Tables
- View Threat Intelligence Context Tables
- Assign a Threat Intelligence Feed to a New Context Table
- Create a New Context Table from a Threat Intelligence Feed
- Using Threat Intelligence Service with Data Lake
- Check ExaCloud Connector Service Health Status
- Index Management
- Parser Management
- Forwarding to Other Destinations
- Syslog Forwarding Management in Exabeam Data Lake
- Syslog Forwarding Destinations
- Configure Log Forwarding Rate
- How to Forward Syslog to Exabeam Advanced Analytics from Exabeam Data Lake
- How to Forward Syslog from Exabeam Data Lake to Non-Exabeam External Destinations
- Exabeam Data Lake Selective Forwarding using Conditions
- How to Configure Exabeam Data Lake Log Destinations for Correlation Rule Outcomes
- Forward Exabeam Data Lake Incident to Exabeam Incident Responder
- Syslog Forwarding Management in Exabeam Data Lake
- Cluster Operations
- Cross-cluster Search in Exabeam Data Lake
- Prerequisites for Exabeam Data Lake Cross-cluster Search
- Remote Cluster Management for Exabeam Data Lake Cross-cluster Search
- Register a Remote Cluster in Exabeam Data Lake for Cross-cluster Search
- Exabeam Data Lake Cross-cluster Health Monitoring and Handling
- How to Enable/Disable/Delete Exabeam Data Lake Remote Clusters for Cross-cluster Search
- Exabeam Data Lake Remote Cluster Data Access Permissions for Cross-cluster Search
- System Health Page
- A. Technical Support Information
- B. List of Exabeam Services
- C. Network Ports
- D. Supported Browsers
Appendix C. Network Ports
The table below shows all the ports that Exabeam either connects to or receives connections from. Ensure these ports are configured appropriately for data and communications traversal.
Service | Hosts | Port | TCP | UDP |
---|---|---|---|---|
SSH | All Cluster Hosts | 22 | ✓ | |
BGP | All Cluster Hosts | 179 | ✓ | |
Exabeam Web UI (HTTPS) | All Cluster Hosts | 8484 | ✓ | |
Docker | All Cluster Hosts | 2376 | ✓ | |
Docker | All Cluster Hosts | 2377 | ✓ | |
Docker | All Cluster Hosts | 4789 | ✓ | |
Docker | All Cluster Hosts | 7946 | ✓ | ✓ |
Docker Registry | Master Host | 5000 | ✓ | |
Kafka Connector | All Cluster Hosts | 8083 | ✓ | |
Kafka | All Cluster Hosts | 9092 | ✓ | |
Kafka | All Cluster Hosts | 9093 | ✓ | |
Kafka | All Cluster Hosts | 9094 | ✓ | |
MongoDB | All Cluster Hosts | 27017 | ✓ | |
MongoDB | All Cluster Hosts | 27018 | ✓ | |
MongoDB | All Cluster Hosts | 27019 | ✓ | |
etcd | First 1 or 3 nodes up to highest odd number | 2379 | ✓ | |
etcd | First 1 or 3 nodes up to highest odd number | 2380 | ✓ | |
Ping | All Cluster Hosts | ICMP | ||
Elastalert | All Cluster Hosts | 3030 | ✓ | |
NTP | Master Host | 123 | ✓ | |
DNS | All Cluster Hosts | 53 | ✓ | |
SMTP | Master and Failover Hosts | 25 | ✓ | |
SMTPS | Master and Failover Hosts | 587 | ✓ | |
Syslog Forwarder | Target Host | 514 | ✓ | ✓ |
Syslog Forwarder | All Cluster Hosts | 515 | ✓ | |
Exabeam Coordination Service (Zookeeper) | All Cluster Hosts | 2181 | ✓ | |
Exabeam Coordination Service (Zookeeper) | All Cluster Hosts | 2888 | ✓ | |
Exabeam Coordination Service (Zookeeper) | All Cluster Hosts | 3888 | ✓ | |
Exabeam Data Lake console | Master Host | 5601 | ✓ | |
Exabeam Health Agent | All Cluster Hosts | 8659 | ✓ | |
Elasticsearch | All Cluster Case Manager Hosts | 9200 | ✓ | |
Elasticsearch | All Cluster Case Manager Hosts | 9300 | ✓ | |
Datadog and Threat Intelligence Service | Master and Failover Hosts | 443 | ✓ |
Ensure ports for third-party products allow traffic from Exabeam Hosts.
Service | Port | TCP | UDP |
---|---|---|---|
LDAP (Non-secure Connection) | 389 | ✓ | |
LDAP (Secure Connection) | 636 | ✓ | |
Ganglia | 8081 | ✓ | |
eStreamer | 8000 | ✓ | |
Java Management Extensions (JMX) | 9999 | ✓ |