SaaS Regions and IP Ranges

On this page, you can identify the correct endpoint and domain URL associated with your Sysdig SaaS application and region.

Sysdig SaaS applications are deployed in five data center regions:

At the data centers, Sysdig ensures the best security and compliance standards for your data.

This page lists the current Sysdig SaaS domains and IP ranges for each region.

Overview

Code-based Access

The endpoints for Sysdig Monitor and Sysdig Secure are the same in the US West (Amazon Web Services and Google Cloud Platform), AP Australia, and EU regions. When configuring code-based access to Sysdig Secure, use the endpoint rather than the website URL.

Single Sign-On

Sysdig SaaS users require the website address to reach the Sysdig applications. Use the appropriate website URL when configuring a single sign-on (SSO).

Collector

Sysdig agents in a SaaS-based deployment need to be able to reach the Sysdig collector. Depending on your network configuration, you may need to modify your firewall configuration to permit outbound connections from agents to the collector.

Inbound IP Addresses

The traffic originating from the Sysdig agent to the Sysdig backend is known as Sysdig SaaS inbound traffic. Allow the agent to send communication outbound on TCP 6443 to the inbound IP ranges associated with your SaaS region.

Outbound IP Addresses

Also known as source IP addresses, all the traffic originating from the Sysdig backend hosted in each region flows through one of the corresponding source IP addresses. Event Forwarding and Alert Notifications are examples of communication originating from the Sysdig backend.

Guidelines for Allowlist

Choose what to allowlist, based on the Sysdig products and features you use. The allowlist values vary based on the Sysdig Platform region you use.

Ensure that you add download.sysdig.com to the set of URLs in the allowlist for all the Sysdig SaaS regions.

If you run:

Monitor Only

Allow:

Monitor Domain (optional, if needed to communicate with API for, as an example, an on-prem Jenkins job)
IP Ranges
Collector (endpoints and ports)
Prometheus endpoint
If you are using Prometheus remote write or on-prem Grafana.

Secure Vulnerability Management and Scanning

Allow:

Secure Endpoint
The Secure endpoint communicates to the API.
S3 Bucket where the Vulnerability database is stored.
Node analyzer
For the legacy engine host scanner; the new engine does not require you to allow the runtime scanner.

Secure Threat Detection

Allow:

Secure Endpoint
Collector (endpoints and ports)

Actionable Compliance KSPM

Allow:

Secure Endpoint

On-Premises Vulnerability Feeds

Allow:

Secure Endpoint
The Secure endpoint communicates to the API.
S3 Bucket where Vulnerability database is stored.

Note: This is only necessary for the Vulnerability Management engine until airgapped support is available.

Sysdig Platform Regions

US East (North Virginia)

Sysdig Application	Domain	IP Range
Sysdig Monitor	https://app.sysdigcloud.com	All the traffic originating from the US East data center will have one of the following source IP addresses: 54.82.115.3 50.19.72.123 18.207.87.189 The Sysdig SaaS inbound IP addresses are: 18.214.168.193 3.210.216.124 44.196.252.240
Sysdig Secure	Endpoint: https://secure.sysdig.com Website URL: https://secure.sysdig.com	All the traffic originating from the US East data center will have one of the following source IP addresses: 54.82.115.3 50.19.72.123 18.207.87.189 The Sysdig SaaS inbound IP addresses are: 18.214.168.193 3.210.216.124 44.196.252.240
Sysdig Collector	collector.sysdigcloud.com (Collector port: 6443) collector-alt.sysdigcloud.com (Collector port: 443)	18.214.168.193 3.210.216.124 44.196.252.240
Node Analyzer	https://collector.sysdigcloud.com/internal/scanning/scanning-analysis-collector
S3 URLs for Vulnerability Management	https://secure-feeds-production-us-east-1-761931097553.s3.us-east-1.amazonaws.com
API Docs	https://app.sysdigcloud.com/api/public/docs/index.html https://secure.sysdig.com/swagger.html

US West (Oregon)

Sysdig Application	Domain	IP Range
Sysdig Monitor	https://us2.app.sysdig.com	All the traffic originating from the US West data center will have one of the following source IP addresses: 54.218.164.215 54.244.190.180 44.232.85.27 The Sysdig SaaS inbound IP addresses are: 54.190.202.108 54.203.169.53 54.70.9.188
Sysdig Secure	Endpoint: https://us2.app.sysdig.com Website URL: https://us2.app.sysdig.com/secure/	All the traffic originating from the US West data center will have one of the following source IP addresses: 54.218.164.215 54.244.190.180 44.232.85.27 The Sysdig SaaS inbound IP addresses are: 54.190.202.108 54.203.169.53 54.70.9.188
Sysdig Collector	ingest-us2.app.sysdig.com (Collector port: 6443) ingest-alt-us2.app.sysdig.com (Collector port: 443)	54.190.202.108 54.203.169.53 54.70.9.188
Node Analyzer	`https://us2.app.sysdig.com/internal/scanning/scanning-analysis-collector`
S3 URLs for Vulnerability Management	https://secure-feeds-production-us-west-2-263844535661.s3.us-west-2.amazonaws.com
API Docs	https://us2.app.sysdig.com/api/public/docs/index.html https://us2.app.sysdig.com/secure/swagger.html

US West (GCP)

Sysdig Application	Domain	IP Range
Sysdig Monitor	https://app.us4.sysdig.com	All the traffic originating from the US West (GCP) data center will have one of the following source IP addresses: 34.105.1.7 34.127.13.141 The Sysdig SaaS inbound IP addresses are: 34.145.19.124
Sysdig Secure	Endpoint: https://app.us4.sysdig.com/ Website URL: https://app.us4.sysdig.com/secure/	All the traffic originating from the US West (GCP) data center will have one of the following source IP addresses: 34.105.1.7 34.127.13.141 The Sysdig SaaS inbound IP address is: 34.145.19.124
Sysdig Collector	ingest.us4.sysdig.com (Collector port: 6443) ingest-alt.us4.sysdig.com (Collector port: 443)	34.145.123.253
Node Analyzer	`https://app.us4.sysdig.com/internal/scanning/scanning-analysis-collector`
S3 URLs for Vulnerability Management	https://storage.googleapis.com/us4-prod-usw1-e33c-us-west1-us-secure-feeds
API Docs	https://app.us4.sysdig.com/api/public/docs/index.html https://app.us4.sysdig.com/secure/swagger.html

European Union

Sysdig Application	Domain	IP Range
Sysdig Monitor	https://eu1.app.sysdig.com	All traffic originating from the European Union (EU) data center will have one of the following source IP addresses: 3.127.3.205 3.127.111.42 18.157.104.82 The Sysdig SaaS inbound IP addresses are: 18.156.190.126 18.157.62.50 3.126.167.54
Sysdig Secure	Endpoint: https://eu1.app.sysdig.com Website URL: https://eu1.app.sysdig.com/secure/	All traffic originating from the European Union (EU) data center will have one of the following source IP addresses: 3.127.3.205 3.127.111.42 18.157.104.82 The Sysdig SaaS inbound IP addresses are: 18.156.190.126 18.157.62.50 3.126.167.54
Sysdig Collector	ingest-eu1.app.sysdig.com (Collector port: 6443) ingest-alt-eu1.app.sysdig.com (Collector port: 443)	18.156.190.126 18.157.62.50 3.126.167.54
Node Analyzer	`https://eu1.app.sysdig.com/internal/scanning/scanning-analysis-collector`
S3 URLs for Vulnerability Management	https://secure-feeds-production-eu-central-1-263844535661.s3.eu-central-1.amazonaws.com
API Docs	https://eu1.app.sysdig.com/api/public/docs/index.html https://eu1.app.sysdig.com/secure/swagger.html

Asia Pacific (Sydney)

Sysdig Application	Domain	IP Range
Sysdig Monitor	https://app.au1.sysdig.com	All traffic originating from the Asia Pacific (AP) data center will have one of the following source IP addresses: 13.236.248.84 13.236.151.38 13.54.145.96 The Sysdig SaaS inbound IP addresses are: 13.238.59.195 52.62.57.59 52.64.82.29
Sysdig Secure	Endpoint: https://app.au1.sysdig.com/ Website URL: https://app.au1.sysdig.com/secure/	All traffic originating from the Asia Pacific (AP) data center will have one of the following source IP addresses: 13.236.248.84 13.236.151.38 13.54.145.96 The Sysdig SaaS inbound IP addresses are: 13.238.59.195 52.62.57.59 52.64.82.29
Sysdig Collector	ingest.au1.sysdig.com (Collector port: 6443) ingest-alt.au1.sysdig.com (Collector port: 443)	13.238.59.195 52.62.57.59 52.64.82.29
Node Analyzer	`https://app.au1.sysdig.com/internal/scanning/scanning-analysis-collector`
S3 URLs for Vulnerability Management	https://secure-feeds-production-ap-southeast-2-263844535661.s3.ap-southeast-2.amazonaws.com
API Docs	https://app.au1.sysdig.com/api/public/docs/index.html https://app.au1.sysdig.com/secure/swagger.html

Middle East (GCP)

Sysdig Application	Domain	IP Range
Sysdig Monitor	https://app.me2.sysdig.com	All the traffic originating from the Dammam (GCP) data center will have the following source IP addresses: 34.166.37.127 The Sysdig SaaS inbound IP addresses is: 34.166.29.55
Sysdig Secure	Endpoint: https://app.me2.sysdig.com/ Website URL: https://app.me2.sysdig.com/secure/	All the traffic originating from the Dammam (GCP (GCP) data center will have the following source IP addresses: 34.166.37.127 The Sysdig SaaS inbound IP address is: 34.166.29.55
Sysdig Collector	ingest.me2.sysdig.com (Collector port: 6443)	34.166.32.4
Node Analyzer	`https://app.me2.sysdig.com/internal/scanning/scanning-analysis-collector`
S3 URLs for Vulnerability Management	https://storage.googleapis.com/me2-prod-mec2-6642-me-central2-secure-feeds
API Docs	https://app.me2.sysdig.com/api/public/docs/index.html https://app.me2.sysdig.com/secure/swagger.html

Asia Pacific South (Mumbai)

Sysdig Application	Domain	IP Range
Sysdig Monitor	https://app.in1.sysdig.com	All the traffic originating from the Mumbai data center will have the following source IP addresses: 13.232.18.255 3.111.123.49 65.2.7.2 The Sysdig SaaS inbound IP addresses are: 13.201.147.2 3.6.182.175 43.205.223.39
Sysdig Secure	Endpoint: https://app.in1.sysdig.com Website URL: https://app.in1.sysdig.com/secure/	All the traffic originating from the Mumbai data center will have the following source IP addresses: 13.232.18.255 3.111.123.49 65.2.7.2 The Sysdig SaaS inbound IP addresses are: 13.201.147.2 3.6.182.175 43.205.223.39
Sysdig Collector	ingest.in1.sysdig.com (Collector port: 6443)	13.201.147.2 3.6.182.175 43.205.223.39
S3 URLs for Vulnerability Management	https://secure-feeds-production-ap-south-1-975050200984.s3.ap-south-1.amazonaws.com
API Docs	https://app.in1.sysdig.com/apidocs/monitor/ https://app.in1.sysdig.com/apidocs/secure/

Service-Specific Connections

Protocols

HTTPS (Hypertext Transfer Protocol Secure)
WSS (Web Socket Secure)
TLS (Transport Layer Security)

Sysdig Collector Ports

Sysdig Agent uses the following ports to communicate with the Sysdig Collector.

Regions	Port
US East	Collector: SSL/TLS 6443 UI/API: HTTPS 443
US West	Collector: SSL/TLS 6443 Collector Alt: SSL/TLS 443 UI/API: HTTPS 443
US West (GCP)	Collector: SSL/TLS 6443 UI/API: HTTPS 443
EU	Collector: SSL/TLS 6443 Collector Alt: SSL/TLS 443 UI/API: HTTPS 443
Asia Pacific (Sydney)	Collector: SSL/TLS 6443 Collector Alt: SSL/TLS 443 UI/API: HTTPS 443
Middle East - Dammam (GCP)	Collector: SSL/TLS 6443 UI/API: HTTPS 443
AP South (Mumbai)	Collector: SSL/TLS 6443 UI/API: HTTPS 443

AWS Account IDs

Regions	AWS Account IDs
US East	`761931097553`
US West	`263844535661`
EU	`263844535661`
Asia Pacific	`263844535661`
AP South (Mumbai)	`975050200984`

Redirect URLs for Authentication

Authentication Protocol	US East	Other Regions
SAML	Sysdig Monitor ACS URL / Sign on URL: https://app.sysdigcloud.com/api/saml/auth Entity ID: https://app.sysdigcloud.com Sysdig Secure ACS URL / Sign on URL: https://secure.sysdig.com/api/saml/secureAuth Entity ID: https://secure.sysdig.com/	Sysdig Monitor ACS URL / Sign on URL: https://eu1.app.sysdig.com/api/saml/auth Entity ID: https://eu1.app.sysdig.com ACS URL / Sign on URL: https://us2.app.sysdig.com/api/saml/auth Entity ID: https://us2.app.sysdig.com ACS URL / Sign on URL: https://app.au1.sysdig.com/api/saml/auth Entity ID: https://app.au1.sysdig.com ACS URL / Sign on URL: https://app.us4.sysdig.com/api/saml/auth Entity ID: https://app.us4.sysdig.com ACS URL / Sign on URL: https://app.me2.sysdig.com/api/saml/auth Entity ID: https://app.me2.sysdig.com ACS URL / Sign on URL: https://app.in1.sysdig.com/api/saml/auth Entity ID: https://app.in1.sysdig.com Sysdig Secure ACS URL / Sign on URL: https://eu1.app.sysdig.com/api/saml/secureAuth Entity ID: https://eu1.app.sysdig.com/secure/ ACS URL / Sign on URL: https://us2.app.sysdig.com/api/saml/secureAuth Entity ID: https://us2.app.sysdig.com/secure/ ACS URL / Sign on URL: https://app.au1.sysdig.com/api/saml/secureAuth Entity ID: https://app.au1.sysdig.com/secure/ ACS URL / Sign on URL: https://app.us4.sysdig.com/api/saml/secureAuth Entity ID: https://app.us4.sysdig.com/secure/ ACS URL / Sign on URL: https://app.me2.sysdig.com/api/saml/secureAuth Entity ID: https://app.me2.sysdig.com/secure/ ACS URL / Sign on URL: https://app.in1.sysdig.com/api/saml/secureAuth Entity ID: https://app.in1.sysdig.com/secure/
OpenID	Sysdig Monitor Redirect URL: https://app.sysdigcloud.com/api/oauth/openid/auth Sysdig Secure Redirect URL: https://secure.sysdig.com/api/oauth/openid/secureAuth	Sysdig Monitor Redirect URL: https://eu1.app.sysdig.com/api/oauth/openid/auth https://us2.app.sysdig.com/api/oauth/openid/auth https://app.au1.sysdig.com/api/oauth/openid/auth https://app.us4.sysdig.com/api/oauth/openid/auth https://app.me2.sysdig.com/api/oauth/openid/auth https://app.in1.sysdig.com/api/oauth/openid/auth Sysdig Secure Redirect URL: https://eu1.app.sysdig.com/api/oauth/openid/secureAuth https://us2.app.sysdig.com/api/oauth/openid/secureAuth https://app.au1.sysdig.com/api/oauth/openid/secureAuth https://app.us4.sysdig.com/api/oauth/openid/secureAuth https://app.me2.sysdig.com/api/oauth/openid/secureAuth https://app.in1.sysdig.com/api/oauth/openid/secureAuth
Google OAuth	Sysdig Monitor https://app.sysdigcloud.com/api/oauth/google/auth Sysdig Secure https://secure.sysdig.com/api/oauth/google/secureAuth	Sysdig Monitor https://eu1.app.sysdig.com/api/oauth/google/auth https://us2.app.sysdig.com/api/oauth/google/auth https://app.au1.sysdig.com/api/oauth/google/auth https://app.us4.sysdig.com/api/oauth/google/auth https://app.me2.sysdig.com/api/oauth/google/auth https://app.in1.sysdig.com/api/oauth/google/auth Sysdig Secure https://eu1.app.sysdig.com/api/oauth/google/secureAuth https://us2.app.sysdig.com/api/oauth/google/secureAuth https://app.au1.sysdig.com/api/oauth/google/secureAuth https://app.us4.sysdig.com/api/oauth/google/secureAuth https://app.me2.sysdig.com/api/oauth/google/secureAuth https://app.in1.sysdig.com/api/oauth/google/secureAuth

Prometheus Endpoints and Regions

Prometheus Remote Write

Prometheus Remote Write resides in the ingest endpoints for each region under /prometheus/remote/write. The public Prometheus Remote Write endpoints for each region are listed below:

Region	Endpoints
US East	`https://api.sysdigcloud.com/prometheus/remote/write`
US West	`https://us2.app.sysdig.com/prometheus/remote/write`
US West (GCP)	`https://app.us4.sysdig.com/prometheus/remote/write`
European Union	`https://eu1.app.sysdig.com/prometheus/remote/write`
Asia Pacific (Sydney)	`https://app.au1.sysdig.com/prometheus/remote/write`
Middle East - Dammam (GCP)	`https://app.me2.sysdig.com/prometheus/remote/write`
AP South (Mumbai)	`https://app.in1.sysdig.com/prometheus/remote/write`

Grafana Integrations

Use the following Prometheus endpoints for Grafana integrations.

Region	Endpoint
US East	`https://app.sysdigcloud.com/prometheus`
US West	`https://us2.app.sysdig.com/prometheus`
US West (GCP)	`https://app.us4.sysdig.com/prometheus`
EU Central	`http://https://eu1.app.sysdig.com/prometheus`
Asia Pacific (Sydney)	`https://app.au1.sysdig.com/prometheus`
Middle East - Dammam (GCP)	`https://app.me2.sysdig.com/prometheus`
AP South (Mumbai)	`https://app.in1.sysdig.com/prometheus`

Feedback

Was this page helpful?

Glad to hear it! Please tell us how we can improve.

Sorry to hear that. Please tell us how we can improve.