Skip navigation

Log in to create and rate content, and to follow, bookmark, and share content with other members.

000038585 - How to change AMQP port from 5671 to 443 in RSA NetWitness VLC

Document created by RSA Customer Support

on Mar 24, 2020

Version 1Show Document

Like • Show 0 Likes0
Comment • 0
View in full screen mode

Article Content

Article Number	000038585
Applies To	RSA Product Set: RSA NetWitness Platform RSA Product/Service Type: Core Appliance RSA Version/Condition: 11.x Platform: CentOS 7
Issue	How to change AMQP port to port 443 in RSA NetWitness 11.x
Cause	Customer only allows 443 as the data communication port from VLC -> Log decoder, thus they must change. That’s the compliance policy for their environment.
Resolution	Need to follow the below steps for enabling port 443 rather than using port 5671. SSH to the LC Box and update following entry in the iptables On logCollector box enable custom firewall option as per the following guide in the following community (https://community.rsa.com/docs/DOC-93651) and update the iptables with the below entry vi /etc/sysconfig/iptables" ( -A PREROUTING -p tcp -m multiport --dports 443 -m comment --comment "1 RabbitMQ 5671 to 443" -j REDIRECT --to-ports 5671 ) Save the changes Service iptables restart SSH to VLC and edit the shovel config and update 443 port that is shown below. vi /etc/rabbitmq/shovel_config {addresses,["10.125.246.116:443"]} service rabbitmq-server restart Check from the Web UI Shovel status showing as green and pushing logs to the LC

Attachments

Outcomes

0 Comments

Recommended Content