Default Configuration of LogMan.io Collector¶
The TeskaLabs LogMan.io collector is equipped with a default configuration designed for quick and efficient integration with typical log sources, optimizing initial setup times and providing robust connectivity out-of-the-box.
Default Network Ports for Log Sources¶
Below is a table outlining the default network ports used by various technologies when connecting to the LogMan.io Collector. Both UDP (User Datagram Protocol) and TCP (Transmission Control Protocol) ports are available to support different network communication needs.
| Vendor Technology |
Product Variant |
Port range | Stream name | Note |
|---|---|---|---|---|
| Linux | Syslog RFC 3164 | 10000 10009 |
linux-syslog-rfc3164 |
BSD Syslog Protocol |
| Linux | Syslog RFC 5424 | 10020 10029 |
linux-syslog-rfc5424 |
IETF Syslog Protocol |
| Linux | rsyslog | 10010 10019 |
linux-rsyslog |
|
| Linux | syslog-ng | 10030 10039 |
linux-syslogng |
|
| Linux | Auditd | 10040 10059 |
linux-auditd |
|
| Fortinet | FortiGate | 10100 10109 |
fortinet-fortigate |
RFC6587 Framing on TCP |
| Fortinet | FortiGate | 10110 10119 |
fortinet-fortigate |
|
| Fortinet | FortiSwitch | 10120 10129 |
fortinet-fortiswitch |
No Framing on TCP |
| Fortinet | FortiSwitch | 10130 10139 |
fortinet-fortiswitch |
|
| Fortinet | FortiMail | 10140 10159 |
fortinet-fortimail |
|
| Fortinet | FortiClient | 10160 10179 |
fortinet-forticlient |
|
| Fortinet | FortiAnalyzer | 10180 10199 |
fortinet-fortianalyzer |
|
| Cisco | ASA | 10300 10319 |
cisco-asa |
|
| Cisco | FTD | 10320 10339 |
cisco-ftd |
|
| Cisco | IOS | 10340 10359 |
cisco-ios |
|
| Cisco | ISE | 10360 10379 |
cisco-ise |
|
| Cisco | Switch Nexus | 10380 10399 |
cisco-switch-nexus |
|
| Cisco | WLC | 10400 10419 |
cisco-wlc |
|
| Dell | Switch | 10500 10519 |
dell-switch |
|
| Dell | PowerVault | 10520 10539 |
dell-powervault |
|
| Dell | iDRAC | 10540 10559 |
dell-idrac |
|
| HPE | Aruba Clearpass | 10600 10619 |
hpe-aruba-clearpass |
|
| HPE | Aruba IAP | 10620 10639 |
hpe-aruba-iap |
|
| HPE | Aruba Switch | 10640 10659 |
hpe-aruba-switch |
|
| HPE | Integrated Lights-Out (iLO) | 10660 10679 |
hpe-ilo |
|
| HPE | Primera | 10680 10699 |
hpe-primera |
|
| HPE | StoreOnce | 10700 10719 |
hpe-storeonce |
|
| Bitdefender | Gravity Zone | 10740 10759 |
bitdefender-gravityzone |
|
| Broadcom | Brocade Switch | 10760 10779 |
broadcom-brocade-switch |
|
| Devolutions | 10800 10819 |
devolutions |
||
| ESET | Protect | 10840 10859 |
eset-protect |
|
| F5 | 10860 10879 |
f5 |
||
| FileZilla | 10880 10899 |
filezilla |
||
| Gordic | Ginis | 10900 10919 |
gordic-ginis |
|
| IceWarp | Mail Center | 10920 10939 |
icewarp |
|
| Kubernetes | 10940 10959 |
kubernetes |
||
| McAfee WebWasher | 10960 10979 |
mcafee-webwasher |
||
| MikroTik | 10980 10999 |
mikrotik |
||
| Oracle | Listener | 11000 11019 |
oracle-listener |
|
| Oracle | Spark | 11020 11039 |
oracle-spark |
|
| Ntopng | 11060 11079 |
ntopng |
||
| OpenVPN | 11080 11099 |
openvpn |
||
| SentinelOne | 11100 11119 |
sentinelone |
||
| Squid | Proxy | 11120 11139 |
squid-proxy |
|
| Synology | NAS | 11140 11159 |
synology-nas |
|
| Veeam | Backup & Replication | 11160 11179 |
veeam-backup-replication |
|
| ySoft | SafeQ | 11180 11199 |
ysoft-safeq |
|
| Ubiquiti | UniFi Controller | 11200 11219 |
ubiquiti-unifi-controller |
|
| Ubiquiti | UniFi Cloud Key | 11240 11259 |
ubiquiti-unifi-cloud-key |
|
| Ubiquiti | Unifi Switch | 11220 11239 |
ubiquiti-unifi-switch |
|
| VMware | vCenter | 11300 11319 |
vmware-vcenter |
|
| VMware | vCloud Director | 11320 11339 |
vmware-vcloud-director |
|
| VMware | ESXi | 11340 11359 |
vmware-esxi |
|
| ZyXEL | CEF | 11440 11459 |
zyxel-cef |
|
| ZyXEL | GS2210 | 11460 11479 |
zyxel-gs2210 |
|
| Sophos | Standard Syslog Protocol | 11500 11519 |
sophos-standard-syslog-protocol |
|
| Sophos | Syslog Devide Standard Format | 11520 11539 |
sophos-device-standard-format |
|
| Sophos | Unstructured Format | 11540 11559 |
sophos-unstructured |
|
| Custom | 14000 14099 |
custom |