Opened Port Requirements

Splunk

• 9997 Universal Forwarders

• 8089 Deployment Server

• 8000 Web Access

Elastic Agent

• 8220 Elastic Agent Control

• 5055 Elastic Agent Data

• 5044 Beats

• 3765 Endgame

OsQuery

• 8090 - Osquery Agent

Syslog

• 514 - Syslog Logs