Ports used by KUMA during installation

Kaspersky Unified Monitoring and Analysis Platform

Support Send link Get as PDF

Administrator's guide > Installing and removing KUMA > Ports used by KUMA during installation

Ports used by KUMA during installation

For the application to run correctly, you need to ensure that the KUMA components are able to interact with other components and applications over the network using the protocols and ports specified during the installation of the KUMA components.

Before installing the Core on a device, make sure that the following ports are available:

9090: used by Victoria Metrics.
8880: used by VMalert.
27017: used by MongoDB.

The table below lists the default ports. The installer automatically opens the ports during KUMA installation.

Network ports used for the interaction of KUMA components

Protocol	Port	Direction	Purpose of the connection
HTTPS	7222	From the KUMA client to the KUMA Core server.	Reverse proxy to the CyberTrace system.
HTTPS	8123	Local requests from the storage service to the local node of the ClickHouse cluster.	Writing and getting normalized events in the ClickHouse cluster.
HTTPS	8429	From the KUMA agent to the KUMA Core server.	Logging KUMA agent performance metrics.
HTTPS	9009	Between replicas of the ClickHouse cluster.	Internal data communication between replicas of the ClickHouse cluster.
TCP	2181	From ClickHouse cluster nodes to the ClickHouse keeper replication coordination service.	Getting and writing replication metadata by replicas of ClickHouse servers.
TCP	2182	From one ClickHouse keeper replication coordination service to another.	Internal communication between replication coordination services to reach a quorum.
TCP	7210	From all KUMA components to the KUMA Core server.	Getting the KUMA configuration from the KUMA Core server.
TCP	7220	From the KUMA client to the server with the KUMA Core component. From storage hosts to the KUMA Core server during installation or upgrade.	User access to the KUMA web interface. Interaction between the storage hosts and the KUMA Core during installation or upgrade. You can close this port after completing the installation or upgrade.
TCP	7221 and other ports used for service installation as the value of --api.port <port>	From KUMA Core to KUMA services.	Administration of services from the KUMA web interface.
TCP	7223	To the KUMA Core server.	Default port for API requests.
TCP	8001	From Victoria Metrics to the ClickHouse server.	Getting ClickHouse server operation metrics.
TCP	9000	Outgoing and incoming connections between servers of the ClickHouse cluster. From the local client.sh client to the local cluster node.	Port of the ClickHouse native protocol (also called ClickHouse TCP). Used by ClickHouse applications and processes, such as clickhouse-server, clickhouse-client, and native ClickHouse tools Used for inter-server communication for distributed queries. Also used for writing and getting data in the ClickHouse cluster.

Ports used by predefined OOTB resources

The installer automatically opens these ports during KUMA installation.

Ports used by predefined OOTB resources:

7230/tcp
7231/tcp
7232/tcp
7233/tcp
7234/tcp
7235/tcp
5140/tcp
5140/udp
5141/tcp
5144/udp

KUMA Core traffic in a high availability configuration

The "KUMA Core traffic in a high availability configuration" table lists connection initiators (sources) and destinations. The port number of the initiator can be dynamic. Return traffic within the established connection must not be blocked.

KUMA Core traffic in a high availability configuration

Source	Destination	Destination port	Type
External KUMA services	Load balancer	7209	TCP
External KUMA services	Load balancer	7210	TCP
External KUMA services	Load balancer	7220	TCP
External KUMA services	Load balancer	7222	TCP
External KUMA services	Load balancer	7223	TCP
KUMA agents	Load balancer	8429	TCP
Worker node	Load balancer	6443	TCP
Worker node	Load balancer	8132	TCP
Control node	Load balancer	6443	TCP
Control node	Load balancer	8132	TCP
Control node	Load balancer	9443	TCP
Worker node	External KUMA services	Depending on the settings specified when creating the service.	TCP
Load balancer	Worker node	7209	TCP
Load balancer	Worker node	7210	TCP
Load balancer	Worker node	7220	TCP
Load balancer	Worker node	7222	TCP
Load balancer	Worker node	7223	TCP
Load balancer	Worker node	8429	TCP
External KUMA services	Worker node	7209	TCP
External KUMA services	Worker node	7210	TCP
External KUMA services	Worker node	7220	TCP
External KUMA services	Worker node	7222	TCP
External KUMA services	Worker node	7223	TCP
KUMA agents	Worker node	8429	TCP
Worker node	Worker node	179	TCP
Worker node	Worker node	9500	TCP
Worker node	Worker node	10250	TCP
Worker node	Worker node	51820	UDP
Worker node	Worker node	51821	UDP
Control node	Worker node	10250	TCP
Load balancer	Control node	6443	TCP
Load balancer	Control node	8132	TCP
Load balancer	Control node	9443	TCP
Worker node	Control node	6443	TCP
Worker node	Control node	8132	TCP
Worker node	Control node	10250	TCP
Control node	Control node	2380	TCP
Control node	Control node	6443	TCP
Control node	Control node	9443	TCP
Control node	Control node	10250	TCP
Cluster management console (CLI)	Load balancer	6443	TCP
Cluster management console (CLI)	Control node	6443	TCP

Article ID: 217770, Last review: Apr 23, 2025

Page top