Does the cribl Stream leader do anything on port 3128?

Harry Gardner · September 2023

David Maislin · September 2023

Sounds like a proxy?

Harry Gardner · September 2023

yea im pretty sure what we're seeing is the aws squid proxy. But our security guys are hunting down anything else that might be using that port.

Paul Dott · September 2023

I don't think cribl uses that port by default, you must deliberately configure a proxy. ie for the cribl telemetry endpoint or other external calls.

Harry Gardner · September 2023

Got it, thanks.

Brandon McCombs · September 2023

Stream leader only uses 9000 and 4200 for inbound connections. See https://docs.cribl.io/stream/deploy-distributed#port-requirements

Answers