Ports for workers

Scot · December 5, 2019, 2:19pm

Have two machines, one running manager, logger, proxy, worker.

Second machine running worker.

Cluster appears to be working.

However, some of the commands in zeekctl hang. (peerstatus, netstats)

Appears to be due to firewall on the second machine. Disabling firewall the commands work as expected.

What ports on the second machine need to be opened?

I found ports for:

Logger 47761

Manager 47762

Proxy 47763

Thank you.

JustinAzoff · December 5, 2019, 2:43pm

It’s explained here:

You can also see exactly what ports have been allocated if you look at

/usr/local/bro/spool/installed-scripts-do-not-touch/auto/cluster-layout.bro

Topic		Replies	Views
Zeek Not Capturing after upgrade to 5.2.0 Zeek	5	253	April 3, 2023
zeek cluster stop worker Zeek	1	184	May 6, 2022
Question regarding distributed clustering with Zeek! Zeek	4	107	May 6, 2022
Cluster configuration zeekctl status hangs Zeek	4	127	May 6, 2022
Zeek Cluster with VM Zeek	4	222	May 4, 2023