Enable UDP on Windows for Firewall Log Analyzer

Updated 3 months ago by Billy Austin

RocketCyber's Firewall Log Analyzer is architected to eliminate the need of shipping hardware or deploying complex software. To facilitate the collection of firewall telemetry, UDP 514 is the recommended protocol/port. It is very common that the configuration of Windows Firewall has this blocked.

To allow Inbound UDP 514 on your Windows host as the syslog collector, see steps below:

Windows 10

Control Panel > Systems and Security > Windows Defender Firewall > Allow an App through Windows Firewall > Advanced Settings > Inbound Rules > New Rule > Port 'choose next' > UDP Specify Port 514 'choose next' > Allow Connection 'choose next' > Rule Applies [Domain, Public, Private = all checked] 'choose next' > Name it RocketCyber Syslog and Finish

How did we do?

Powered by HelpDocs

Powered by HelpDocs