Hi, we are trying to use Splunk Insights for Infrastructure in a large company where security policies are quite tight. By default, machines have open connections to port 9997 on Heavy Forwarders, so opening a new port on 8088 for each agent install is not practical.
Is it possible to make insights CollectD agent use the Universal Forwarder, that is also in the agent machine, to send its data instead of directly sending data to the Infrastructure server using HEC on port 8088?
Any other suggestions?
Many thanks in advance!
Luis Bontempo
... View more