Required Ports for SL1

Download this manual as a PDF file

This section describes the ports that must be open on each SL1 appliance. These open ports allow communication between appliances in an SL1 system.

Some PowerPacks also require specific ports to be open for tasks such as monitoring, creating credentials, or gaining access through the firewall. Those ports are also described in this section.

Use the following menu options to navigate the SL1 user interface:

  • To view a pop-out list of menu options, click the menu icon ().
  • To view a page containing all of the menu options, click the Advanced menu icon ().

Open Ports on the ScienceLogic All-In-One Appliance

Name Description Protocol Port
HTTP Interface HTTP from browser session on user workstation. ScienceLogic recommends disabling HTTP during deployment. TCP 80
HTTPS Secure Interface Used for browser sessions on a user workstation, API requests from external systems, and requests from the ScienceLogic Agent running on a monitored device. TCP 443
Database Web Admin Optional. Administrative Web Interface (phpMyAdmin) from browser session on user workstation to Database. TCP 8008
SSH Optional. For ssh sessions from user workstation. TCP

22

Web Configurator

Configuration Utility from browser session on user workstation.

NOTE: For Military Unique Deployment (MUD) configurations, this utility and port are disabled by default. They can be enabled for initial configuration, but must be disabled again after the configuration process is complete.

TCP 7700
SNMP Optional. SNMP information about the All-In-One Appliance can be collected by SL1. UDP 161
SNMP Traps Optional. Can receive SNMP traps from managed devices. UDP 162
Syslog messages Optional. Can receive syslog messages from managed devices. UDP 514
SMTP Optional. To receive inbound Email for tickets, events, and email round-trip monitoring. TCP 25
NTP Communication between the All-In-One Appliance and configured NTP server. TCP 123

Open Ports on the ScienceLogic Database Server Appliance

Name Description Protocol Port
HTTP Interface Optional. Can be used if the Database Server also serves as an Administration Portal. TCP 80
HTTPS Secure Interface Optional. Can be used if the Database Server also serves as an Administration Portal. TCP 443
Database Web Admin Optional. Administrative Web Interface (PHPMyAdmin) from browser session on user workstation. TCP 8008
MariaDB

Communication from Administration Portal.

Communication from HA-secondary and DR to HA primary.

  If you are using HA/DR, you must keep this port open. This port is required for communication between the HA-secondary and DR to the HA-primary appliance. If this port is blocked, the em7service on these databases will fail and could lead to issues such as DR backup not working or inability to license the appliances.

TCP 7706
SSH Optional. Can be manually closed. For ssh sessions from user workstation. TCP

22

Web Configurator

Configuration Utility from browser session on user workstation.

NOTE: For Military Unique Deployment (MUD) configurations, this utility and port are disabled by default. They can be enabled for initial configuration, but must be disabled again after the configuration process is complete.

TCP 7700
SNMP Optional. SNMP information about the Database Server can be collected by SL1. UDP 161
ScienceLogic HA

Optional. Communication between Database Server and other Database Server(s) in a high-availability cluster.

TCP 694
SMTP Optional. Can be manually closed. To receive inbound email for tickets, events, and email round-trip monitoring. TCP 25
High Availability One of two ports used by the cluster management process to test cluster availability. This port is open only if your Database Server appliance is configured for High Availability. UDP 5555
High Availability One of two ports used by the cluster management process to test cluster availability. This port is open only if your Database Server appliance is configured for High Availability. UDP 5556
DRBD Replication This port is open only if your Database Server appliance is configured for High Availability, Disaster Recovery, or both. TCP 7788
DRBD Replication This port is open only if your Database Server appliance is configured for High Availability, Disaster Recovery, or both. TCP 7789
PhoneHome Configuration This port is open only if your Database Server appliance is configured for PhoneHome communication from Data Collectors and Message Collectors. The port number is configurable, but only for non-SaaS systems. TCP 7705

Open Ports on the ScienceLogic Administration Portal Appliance

Name Description Protocol Port
HTTP Interface HTTP from browser session on user workstation. TCP 80
HTTPS Secure Interface Used for browser sessions on a user workstation and API requests from external systems. TCP 443
SSH Optional. For ssh sessions from user workstation. TCP

22

Web Configurator

Configuration Utility from browser session on user workstation.

NOTE: For Military Unique Deployment (MUD) configurations, this utility and port are disabled by default. They can be enabled for initial configuration, but must be disabled again after the configuration process is complete.

TCP 7700
SNMP Optional. SNMP information about the Administration Portal can be collected by SL1. UDP 161
High Availability Required when using Quorum with High Availability or High Availability and Disaster Recovery. TCP 5403

Open Ports on the ScienceLogic Data Collector Appliance

Name Description Protocol Port
Data Pull Requests from Database Servers to retrieve collected data. In a PhoneHome configuration, this port is accessed via an SSH tunnel created by the Data Collector. TCP 7707
SSH Optional. For ssh sessions from user workstation. TCP

22

Web Configurator

Configuration Utility from browser session on user workstation.

NOTE: For Military Unique Deployment (MUD) configurations, this utility and port are disabled by default. They can be enabled for initial configuration, but must be disabled again after the configuration process is complete.

TCP 7700
SNMP Optional. SNMP information about the Data Collector can be collected by SL1. UDP 161
SNMP Traps Optional. Can receive SNMP traps from managed devices. UDP 162
Syslog messages Optional. Can receive syslog messages from managed devices. UDP 514
HTTPS Secure Interface Optional. Data from the ScienceLogic Agent running on a monitored device. TCP 443

Open Ports on the ScienceLogic Message Collector Appliance

Name Description Protocol Port
Data Pull Requests from Database Servers to retrieve collected data. In a PhoneHome configuration, this port is accessed via an SSH tunnel created by the Message Collector. TCP 7707
SSH Optional. For ssh sessions from user workstation. TCP

22

Web Configurator

Configuration Utility from browser session on user workstation.

NOTE: For Military Unique Deployment (MUD) configurations, this utility and port are disabled by default. They can be enabled for initial configuration, but must be disabled again after the configuration process is complete.

TCP 7700
SNMP Optional. SNMP information about the Message Collector can be collected by SL1. UDP 161
SNMP Traps Optional. Can receive SNMP traps from managed devices. UDP 162
Syslog messages Optional. Can receive syslog messages from managed devices. UDP 514
HTTPS Secure Interface Optional. Data from the ScienceLogic Agent running on a monitored device. TCP 443

Open Ports for ScienceLogic Subscription Billing

Name Description Protocol Port
HTTPS Secure Interface Required. Secure interface must be open for the Subscription Billing process to send information to ScienceLogic. TCP 443

Open Ports for ScienceLogic PowerPacks

ScienceLogic recommends reviewing the required port data for each PowerPack below. Some PowerPacks require specific ports for tasks such as monitoring, creating credentials, or gaining access through the firewall.

Many PowerPacks can be configured so that you can connect with the third-party platform via a proxy server. When you do so, you will need to open a port on that proxy server as well as in SL1 to establish communication between the two platforms.

For more information about the configuration requirements for the PowerPacks below or other PowerPacks that are not included in this section, see the SL1 PowerPacks documentation.

Apcon

Name Description Protocol Port
SNMP Required for SNMP credential. UDP 161

Cisco: Cloud Services Platform

Name Description Protocol Port
SNMP Required for monitoring CSP clusters with SNMP community string read privileges, or if you have to create two SNMP credentials for CSP clusters. UDP 161
SNMP Required if you have to create two SNMP credentials for CSP clusters. TCP 1610

Cisco: Contact Center Enterprise

Name Description Protocol Port
REST API Required for monitoring Contact Center Enterprise using REST API. TCP 7890

Cisco: CUCM

Name Description Protocol Port
PhoneHome Configuration Potentially required based on your configuration. Requests from the PhoneHome Collector to the Database Server to retrieve collected data. TCP 7707
PhoneHome Configuration Potentially required based on your configuration. Requests from the Database Server to the Data Collector to retrieve collected data. TCP 7705
SNMP Potentially required based on your configuration. Enables communication between SL1 Data Collector and the Cisco Unified CM cluster and CallManagers. UDP 161
Cisco Unified Communications Manager

Potentially required based on your configuration. Enables communication between SL1 Data Collector and the Cisco Unified CM cluster and CallManagers.

The example credential included in older versions of the Cisco: CUCM Unified Communications Manager PowerPack used "80" as the default port number. If your Cisco Unified CM credential specifies port 80, SL1 will automatically override that value and use port 8443 instead. If your Cisco Unified CM credential specifies any port other than 80, SL1 will use that specified port.

TCP 8443

Cisco: ESA

Name Description Protocol Port
SNMP Required for SNMP credential. UDP 161

Cisco: Meeting Server

Name Description Protocol Port
SNMP Required for creating an SNMP credential for one IP address. UDP 161
SSH Required for creating a Basic/Snippet credential for one IP address or creating a Basic/Snippet credential on a system Mainboard Management Processor interface if monitoring more than one IP address. TCP 22
HTTPS Secure Interface Required for creating a Basic/Snippet credential for the API interface if monitoring more than one IP address. TCP 443

Cisco: UC Ancillary

Name Description Protocol Port
SSH Required for SSH/Key credential. TCP 22

Cisco: UC VOS Applications

Name Description Protocol Port
Proxy Server Used for proxy server port in SOAP/XML credential. TCP 0
HTTPS Secure Interface Required for creating a Basic/Snippet credential for REST API queries to Cisco Unity Connection servers and Cisco IM & Presence servers. TCP 443

Cisco: UCS

Name Description Protocol Port
HTTPS Secure Interface Required for discovering UCS Manager over HTTPS. TCP 443

Cisco: UCS Director

Name Description Protocol Port
HTTP Required for discovering UCS Director over HTTP. TCP 80

Cisco: UCS Standalone Rack Server

Name Description Protocol Port
HTTPS Secure Interface Required for discovering UCS Rack Server over HTTPS. TCP 443

Cisco: Viptela

Name Description Protocol Port
HTTPS Secure Interface Required for discovering Viptela over HTTPS. TCP 443

Citrix: Xen

Name Description Protocol Port
HTTPS Secure Interface Required for the Citrix: Xen Basic/Snippet credential. TCP 443

Dell EMC: VMAX

Name Description Protocol Port
HTTP Required for connecting to an SMI-S Provider over HTTP. TCP 5988
HTTPS Required for connecting to an SMI-S Provider over HTTPS. TCP 5989

Dell EMC: VNX

Name Description Protocol Port
HTTP Required for connecting to an SMI-S Providerover HTTP. TCP 5988
HTTPS Required for connecting to an SMI-S Provider over HTTPS. TCP 5989

Dell EMC: XtremIO

Name Description Protocol Port
Proxy Server Used for proxy server port in SOAP/XML credential. TCP 0
HTTPS Secure Interface Required for discovering Dell EMC XtremIO devices. TCP 443

ELK: AWS CloudTrail

Name Description Protocol Port
Elasticsearch Required for the ELK: AWS Basic/Snippet credential. TCP 9200

ELK: Azure Activity Log

Name Description Protocol Port
Elasticsearch Required for the ELK: Azure Activity Log Basic/Snippet credential. TCP 9200

Hitachi Data Systems: VSP

Name Description Protocol Port
HTTPS Required for connecting to an SMI-S Provider over HTTPS. TCP 5989

HP 3PAR: SMI-S

Name Description Protocol Port
HTTPS Required for connecting to an SMI-S Provider over HTTPS. TCP 5989

IBM: AIX Monitoring

Name Description Protocol Port
SSH Required for SSH/Key credential. TCP 22

Kubernetes

Name Description Protocol Port
SSH Typically used for connecting to Kubernetes nodes via SSH. TCP 22
HTTPS Can be used for connecting to Kubernetes cluster via HTTPS. TCP 443
HTTPS Can be used for connecting to Kubernetes cluster via HTTPS.

If you would prefer to configure a customized IP port other than 443 or 8443, you can do so. For more information, see the section on Configuring Customized IP Ports in the Monitoring Kubernetes manual.

TCP 8443

Linux: Base Pack

Name Description Protocol Port
SSH Required for SSH/Key credential. TCP 22

Linux: SSH Automations

Name Description Protocol Port
SSH Required for SSH/Key credential. TCP 22

Microsoft: Azure

Name Description Protocol Port
SNMP When using the run book automations included in the PowerPack to discover physical devices, allows the discovery session to use SNMP credentials. UDP 161
PowerShell (HTTP) When using the run book automations included in the PowerPack to discover physical devices, allows the discovery session to use PowerShell credentials over HTTP. TCP 5985
PowerShell (HTTPS) When using the run book automations included in the PowerPack to discover physical devices, allows the discovery session to use PowerShell credentials over HTTPS. TCP 5986

Microsoft: SQL Server Enhanced

Name Description Protocol Port
PowerShell (HTTP) Required for users who want to connect to a SQL server using PowerShell credentials over HTTP. TCP 5985

Microsoft: Automation PowerPacks

Name Description Protocol Port
DNS Server Required for forward and reverse DNS server availability for the Windows server. TCP 53
Kerberos Authentication Required for Kerberos authentication if using an Active Directory user account to access the Windows Domain Controller. UDP 88
PowerShell (HTTP) Required if connecting using PowerShell credentials over HTTP. TCP 5985
PowerShell (HTTPS) Required if connecting using PowerShell credentials over HTTPS. TCP 5986

Mongo DB

Name Description Protocol Port
MongoDB Server Required when creating a MongoDB credential. TCP 27017
SSH Optional, but required if including SSH settings in the MongoDB credential. TCP 22

Monitoring Switches, Routers, and Firewalls with SNMP

Name Description Protocol Port
SNMP Required for SNMP credential. UDP 161

Monitoring Windows Systems with PowerShell

Name Description Protocol Ports
SNMP Required for SNMP credential UDP 161
SNMP At least one of the additional listed ports must be open on the device to discover SNMP-enabled Windows devices. TCP 21, 22, 23, 25, or 80
DNS Server Required for forward and reverse DNS server availability for the Windows server. TCP 53
Kerberos Authentication Required for Kerberos authentication if using an Active Directory user account to access the Windows Domain Controller. UDP 88
PowerShell (HTTP) Required if connecting using PowerShell credentials over HTTP. TCP 5985
PowerShell (HTTPS) Required if connecting using PowerShell credentials over HTTPS. TCP 5986

Monitoring Windows Systems with WMI

Name Description Protocol Ports
SNMP Required for SNMP credential UDP 161
SNMP At least one of the additional listed ports must be open on the device to discover SNMP-enabled Windows devices. TCP 21, 22, 23, 25, or 80
DNS Server Required for forward and reverse DNS server availability for the Windows server. TCP 53
WMI Required for incoming network traffic to the remote machine. TCP 135
WMI Required for incoming network traffic to the remote machine. TCP 445
WMI In addition to ports 135 and 445, additional dynamically assigned ports must be open, typically in the listed ranges. TCP 1025-5000, 49152-65535

MySQL

Name Description Protocol Port
MySQL Server SSL Certificate When configuring a SOAP/XML credential to support loading your SSL certificate on a database connection, you can specify one port or a range or ports. This will be based on your MySQL instance. For more information, see the section on Creating a SOAP/XML Credential for an SSL Certificate in the Monitoring MySQL manual. N/A N/A

NetApp Base Pack

Name Description Protocol Port
HTTP (FIPS Mode) Used for the NetAPP C-Mode appliance credential if SL1 is running in FIPS-compliant mode. TCP 80
SNMP Required for SNMP credential. UDP 161

OpenStack

Name Description Protocol Port
Proxy Server Used for proxy server port in SOAP/XML credential. TCP 0

Oracle: Database

Name Description Protocol Port
SSH Required for SSH/Key credential for Linux users. TCP 22
PowerShell (HTTP) Required for Windows users who want to connect using PowerShell credentials over HTTP. TCP 5985
PowerShell (HTTPS) Required for Windows users who want to connect using PowerShell credentials over HTTPS. TCP 5986

Palo Alto

Name Description Protocol Port
SNMP Required for SNMP credential. UDP 161
HTTPS Secure Interface Required for the Palo Alto Basic/Snippet credential. TCP 443

Pure Storage: Flash Array

Name Description Protocol Port
HTTPS Secure Interface Required for discovering Pure Storage components over HTTPS or via API. TCP 443

Restorepoint Automation PowerPack

Name Description Protocol Port
SSH Required for SSH/Key credential. TCP 22

SL1 PowerFlow

Name Description Protocol Port
SSH Required for SSH/Key credential. TCP 22

SMI-S: Array

Name Description Protocol Port
HTTPS Required for connecting to an SMI-S Provider over HTTPS. TCP 5989

SoftLayer: Cloud

Name Description Protocol Port
HTTP Required for discovering Softlayer: Cloud over HTTP. TCP 80

VMware: NSX

Name Description Protocol Port
HTTPS Secure Interface

Required for the VMware: NSX Basic/Snippet credential.

TCP 443

VMware: NSX-T

Name Description Protocol Port
HTTPS Secure Interface

Required for the VMware: NSX-T Basic/Snippet credential.

TCP 443