How to update the web server port for EventLog Analyzer
Objective
EventLog Analyzer can be accessed using a server identity address, like Hostname/FQDN/IP, along with a web server port (default ports: HTTP-TCP 8400 and HTTPS-TCP 8445). This article will explain how to update the web server port for EventLog Analyzer.
Prerequisites
Have access to the EventLog Analyzer user interface as an admin.
Ensure the new port number is unused in the EventLog Analyzer server.
Steps to follow
- Log in to EventLog Analyzer as an admin.
- Update the port number for the enabled protocol.
- Save the settings.
Note: Enter an unused port which is not utilized by other applications in the server. If you attempt to use the same port used by another application or process, you may get an error stating that the port is already in use (see the screenshot below).
e. You can switch the protocol from HTTP to HTTPS. It is recommended to apply an SSL certificate when switching to HTTPS. Refer to How to apply an SSL certificate in EventLog Analyzer for information on that process. You can also switch between HTTPS to HTTP in this same setting (if required).
Tips
- Apply an SSL certificate for secure communication.
- Use an unused port which is not utilized by other applications in the server.
How to check if the port is occupied:
Windows:
Option 1: PowerShell command: The command below returns the process name for the respective port number specified.
Get-Process -Id (Get-NetTCPConnection -LocalPort <PORT>).OwningProcess
Replace <PORT> with the actual port number.
Note: If nothing is returned, it likely means no process is currently using that port.
Option 2: Resource monitor
Steps:
1. Press Win + R > type resmon > hit Enter.
2. Go to the Network tab.
3. Expand Listening Ports.
4. Check the Port, PID, and Associated Process columns.
You can see all the listening ports and their associated processes.
Linux/Unix:
Execute ss -tulnp to get the list of processes and their ports used in the server. Identify if the port that you are looking for is in use. If not, proceed to use the port number.
You can also use sudo ss -tulnp | grep :<PORT> to check if the specified <PORT> is used by any process in the background.
New to ADSelfService Plus?
Related Articles
Unable to start EventLog Analyzer
Issue description This issue occurs when the EventLog Analyzer service fails to start, or when users are unable to access the web client through the browser (typically on ports 8400 or 8445). Users may experience one or more of the following ...Windows agent not communicating with EventLog Analyzer server
Issue description When the agent fails to communicate with the EventLog Analyzer server, the log transfer between devices is disrupted. As a result, logs accumulate on the agent machine until connectivity is restored. This delay in log transmission ...Unable to login to EventLog Analyzer
Issue description Users are unable to log in to the EventLog Analyzer web console due to issues such as incorrect credentials, improper authentication method selection, unsynced domain accounts, or browser-related problems. This article provides a ...Troubleshooting guide: EventLog Analyzer UI is unresponsive
Overview This document outlines the common causes and recommended steps to resolve the issue when the EventLog Analyzer UI becomes unresponsive. Possible causes Insufficient system resources High CPU or memory usage on the server. Low disk space in ...How to add Topsec device in EventLog Analyzer
Objective EventLog Analyzer collects logs from Topsec devices using the Syslog protocol. Syslog services has to be configured in Topsec Devices to have the logs forwarded to EventLog Analyzer. This article offers you step by step instructions to add ...