I have a query, i’ve been using graylog server for 6 months now. When we add inputs to Graylog server by routing rsyslog, syslog and GLEF INPUT( from Windows machines). we have to enable certain ports at both server and client (Input machines) for sending logs. do we need to enable a unique port at both graylog server and INPUTS for each INPUTS we add to server.
If yes, won’t it will create a vulnerability for my server if i open a lots of ports in Local network. Please suggest.
and Please do suggest me site or Location when i can find more content for Graylog servers. (Graylog site has too straight docs with no examples.)