New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add firewall documentation for the Azure Logs integration #9158
Conversation
🚀 Benchmarks reportTo see the full report comment with |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I left a few editing suggestions, otherwise LGTM.
@zmoog The only remark I have here is that 5672 is unencrypted AMQP traffic and should not be opened. I can confirm it is not needed, it works when only 5671 is allowed. I'd really advice to check
When the |
Thank you @willemdh, I'll double check both the ports and the URLs. |
According to the AMQP 1.0 in Azure Service Bus and Event Hubs protocol guide, is seems the service on port 5672 performs a mandatory upgrade of connection to TLS:
In the same document, in the AMQP outbound port requirements section, it lists both ports:
So my current understanding is that using both 5671 and 5672 ports is not insecure because the service requires a mandatory upgrade to TLS. I also noticed the document mentions the need for additional ports the EnableLinkRedirect is enabled:
Personally, I never enable this option, but I want to learn more. |
Co-authored-by: Arianna Laudazzi <46651782+alaudazzi@users.noreply.github.com>
Co-authored-by: Arianna Laudazzi <46651782+alaudazzi@users.noreply.github.com>
Co-authored-by: Arianna Laudazzi <46651782+alaudazzi@users.noreply.github.com>
b4f3816
to
da0f072
Compare
39030b8
to
fb1b99d
Compare
@alaudazzi, I made a few minor additions. Would you mind taking a final look? 🙇 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
A few editing suggestions. LGTM.
Co-authored-by: Arianna Laudazzi <46651782+alaudazzi@users.noreply.github.com>
Co-authored-by: Arianna Laudazzi <46651782+alaudazzi@users.noreply.github.com>
Co-authored-by: Arianna Laudazzi <46651782+alaudazzi@users.noreply.github.com>
💚 Build Succeeded
History
cc @zmoog |
Quality Gate passedKudos, no new issues were introduced! 0 New issues |
Package azure - 1.9.2 containing this change is available at https://epr.elastic.co/search?package=azure |
* Add firewall documentation for the event hub --------- Co-authored-by: Arianna Laudazzi <46651782+alaudazzi@users.noreply.github.com>
Proposed commit message
Specify the TCP ports required to enable Azure Logs on an Agent behind a firewall.
Checklist
I have verified that all data streams collect metrics or logs.changelog.yml
file.I have verified that Kibana version constraints are current according to guidelines.Related issues