I want to monitor zip files using universal forwarder and send it to the heavy forwarder for parsing so want to know which ports I need to open?
As per my understanding, I will require 9997 and 8089 ports to open from the universal forwarder.
Is there another port to open?
Does Splunk require to use VPN tunnel to transfer files or it will send files to heavy forwarder on port 9997?
Please confirm.
Thanks.
↧