Loggregator Network Communications

This topic describes Loggregator internal network communication paths with other Elastic Runtime components.

Loggregator Communications

The following table lists network communication paths for Loggregator.

Source VM Destination VM Port Protocol Security and Authentication
Any* doppler† 3457 UDP Shared secret
Any* doppler 3458 TCP with length prefix None
Any* loggregator_trafficcontroller 8081 HTTP/WebSocket None
Any* cloud_controller (Statsd Injector) 8125 UDP None
Any* uaa (Statsd Injector) 8125 UDP None
Any VM running Metron doppler 8082 gRPC over HTTP/2 Mutual TLS
doppler (Syslog Drain Binder) cloud_controller 9023 HTTPS Mutual TLS
loggregator_trafficcontroller cloud_controller 443 HTTPS OAuth
loggregator_trafficcontroller doppler 8081 HTTP/WebSocket None
loggregator_trafficcontroller doppler 8082 gRPC over HTTP/2 Mutual TLS
loggregator_trafficcontroller uaa 443 HTTPS OAuth
loggregator_trafficcontroller (Reverse Log Proxy) doppler 8082 gRPC over HTTP/2 Mutual TLS
loggregator_trafficcontroller (Route Registrar) nats 4222 NATS Basic authentication

*Any source VM can send requests to the specified destination within its subnet.

Starting from ERT v1.11, Metron does not use the UDP protocol to communicate with Doppler. However, Doppler still allows UDP traffic from Metron VMs to support legacy environments.

Consul Communications

ERT components call out to Consul for service discovery. For more information, see Consul Network Communications.

Create a pull request or raise an issue on the source for this page in GitHub