Source Agent
The source agent requires the network access to the Elasticsearch cluster as outlined in the firewall section. This will be over port 9200 by default. The source agent also requires network access to all source systems.
Default port for this agent: 2221
Security specifics:
By default, the windows service will run as the local system account. There should be no reason to change this.
The account will require read access to the installation folder for Aiimi Insight Engine.
The account will require write access to the logs folder.
The account will require read access to the security certificates used to secure communications with Elasticsearch.