GCPGoogle Cloud Platform Setup Guide

Appendix A. Network Ports

The table below shows all the ports that Exabeam either connects to or receives connections from. Ensure these ports are configured appropriately for data and communications traversal.

Service

Hosts

Port

TCP

UDP

SSH

All Cluster Hosts

22

BGP

All Cluster Hosts

179

Exabeam Web UI (HTTPS)

All Cluster Hosts

8484

Docker

All Cluster Hosts

2376

Docker

All Cluster Hosts

2377

Docker

All Cluster Hosts

4789

Docker

All Cluster Hosts

7946

Docker Registry

Master Host

5000

Kafka Connector

All Cluster Hosts

8083

Kafka

All Cluster Hosts

9092

Kafka

All Cluster Hosts

9093

Kafka

All Cluster Hosts

9094

MongoDB

All Cluster Hosts

27017

MongoDB

All Cluster Hosts

27018

MongoDB

All Cluster Hosts

27019

Hadoop

All Cluster Hosts

9000

Hadoop

All Cluster Hosts

50010

Hadoop

All Cluster Hosts

50020

etcd

First 1 or 3 nodes up to highest odd number

2379

etcd

First 1 or 3 nodes up to highest odd number

2380

Ping

All Cluster Hosts

ICMP

Elastalert

All Cluster Hosts

3030

Disaster Recovery Socks Proxy

Master and Failover Hosts

10022

NTP

Master Host

123

DNS

All Cluster Hosts

53

SMTP

Master and Failover Hosts

25

SMTPS

Master and Failover Hosts

587

Syslog Forwarder

Target Host

514

Syslog Forwarder

All Cluster Hosts

515

Disaster Recovery MongoDb

Master and Failover Hosts

5123

Exabeam Coordination Service (Zookeeper)

All Cluster Hosts

2181

Exabeam Coordination Service (Zookeeper)

All Cluster Hosts

2888

Exabeam Coordination Service (Zookeeper)

All Cluster Hosts

3888

Exabeam Data LakeUI

Master Host

5601

Exabeam SOAR Metrics UI

Case Manager Host

5850

Exabeam SOAR Server

Case Manager Host

7999

Exabeam SOAR Server

Case Manager Host

8097

Exabeam SOAR Server

Case Manager Host

9998

Exabeam SOAR Server

Case Manager Host

9999

Exabeam Advanced Analytics Engine

All Advanced Analytics Martini Hosts

8090

Exabeam Advanced Analytics API

Master/Main Advanced Analytics Node

8482

Exabeam Advanced Analytics UI

Master Host

8483

Exabeam Health Agent

All Cluster Hosts

8659

Exabeam SOAR-LEMON

Case ManagementHost

8880

Exabeam SOAR-LEMON

Case Manager Host

8888

Exabeam SOAR-LEMON

Case ManagementHost

8889

Exabeam SOAR Syslog

Case Manager Host

9875

Exabeam SOAR Action Controller

OAR Host

9978

Exabeam Advanced Analytics Engine JMX

All Advanced Analytics Martini Hosts

9003

Exabeam Advanced Analytics LIME JMX

All LIME Hosts

9006

Exabeam Replicator

Master Host

9099

Elasticsearch

All Cluster Case Manager Hosts

9200

Elasticsearch

All Cluster Case Manager Hosts

9300

Datadog and Threat Intelligence Service

Master and Failover Hosts

443

Ensure ports for third-party products allow traffic from Exabeam Hosts.

Service

Port

TCP

UDP

LDAP (Non-secure Connection)

389

LDAP (Secure Connection)

636

QRadar

443

ArcSight ESM

3306

Ganglia

8081

Splunk

8089

ArcSight Logger

9000

RSA

50105

eStreamer

8000