SaaS Regions and IP Ranges

On this page, you can identify the correct endpoint and domain URL associated with your Sysdig SaaS application and region.

Sysdig SaaS applications are deployed in five data center regions:

At the data centers, Sysdig ensures the best security and compliance standards for your data.

This page lists the current Sysdig SaaS domains and IP ranges for each region.

Overview

Code-based Access

The endpoints for Sysdig Monitor and Sysdig Secure are the same in the US West (Amazon Web Services and Google Cloud Platform), AP Australia, and EU regions. When configuring code-based access to Sysdig Secure, use the endpoint rather than the website URL.

Single Sign-On

Sysdig SaaS users require the website address to reach the Sysdig applications. Use the appropriate website URL when configuring a single sign-on (SSO).

Collector

Sysdig agents in a SaaS-based deployment need to be able to reach the Sysdig collector. Depending on your network configuration, you may need to modify your firewall configuration to permit outbound connections from agents to the collector.

Inbound IP Addresses

The traffic originating from the Sysdig agent to the Sysdig backend is known as Sysdig SaaS inbound traffic. Allow the agent to send communication outbound on TCP 6443 to the inbound IP ranges associated with your SaaS region.

Outbound IP Addresses

Also known as source IP addresses, all the traffic originating from the Sysdig backend hosted in each region flows through one of the corresponding source IP addresses. Event Forwarding and Alert Notifications are examples of communication originating from the Sysdig backend.

Guidelines for Allowlist

Choose what to allowlist, based on the Sysdig products and features you use. The allowlist values vary based on the Sysdig Platform region you use.

Ensure that you add download.sysdig.com to the set of URLs in the allowlist for all the Sysdig SaaS regions.

If you run:

Monitor Only

Allow:

  • Monitor Domain (optional, if needed to communicate with API for, as an example, an on-prem Jenkins job)

  • IP Ranges

  • Collector (endpoints and ports)

  • Prometheus endpoint

    If you are using Prometheus remote write or on-prem Grafana.

Secure Vulnerability Management and Scanning

Allow:

  • Secure Endpoint

    The Secure endpoint communicates to the API.

  • S3 Bucket where the Vulnerability database is stored.

  • Node analyzer

    For the legacy engine host scanner; the new engine does not require you to allow the runtime scanner.

Secure Threat Detection

Allow:

  • Secure Endpoint
  • Collector (endpoints and ports)

Actionable Compliance KSPM

Allow:

  • Secure Endpoint

On-Premises Vulnerability Feeds

Allow:

  • Secure Endpoint

    The Secure endpoint communicates to the API.

  • S3 Bucket where Vulnerability database is stored.

Note: This is only necessary for the Vulnerability Management engine until air-gapped support is available.

Sysdig Platform Regions

US East (North Virginia)

Sysdig ApplicationDomainIP Range
Sysdig Monitorhttps://app.sysdigcloud.comAll the traffic originating from the US East data center will have one of the following source IP addresses:

54.82.115.3
50.19.72.123
18.207.87.189

The Sysdig SaaS inbound IP addresses are:

18.214.168.193
3.210.216.124
44.196.252.240
Sysdig SecureEndpoint: https://secure.sysdig.com
Website URL: https://secure.sysdig.com
All the traffic originating from the US East data center will have one of the following source IP addresses:

54.82.115.3
50.19.72.123
18.207.87.189

The Sysdig SaaS inbound IP addresses are:

18.214.168.193
3.210.216.124
44.196.252.240
Sysdig Collectorcollector.sysdigcloud.com (Collector port: 6443)
collector-alt.sysdigcloud.com (Collector port: 443)
18.214.168.193
3.210.216.124
44.196.252.240
Node Analyzerhttps://collector.sysdigcloud.com/internal/scanning/scanning-analysis-collector
S3 URLs for Vulnerability Managementhttps://secure-feeds-production-us-east-1-761931097553.s3.us-east-1.amazonaws.com
API Docshttps://app.sysdigcloud.com/api/public/docs/index.html
https://secure.sysdig.com/swagger.html

US West (Oregon)

Sysdig ApplicationDomainIP Range
Sysdig Monitorhttps://us2.app.sysdig.comAll the traffic originating from the US West data center will have one of the following source IP addresses:
54.218.164.215
54.244.190.180
44.232.85.27

The Sysdig SaaS inbound IP addresses are:
54.190.202.108
54.203.169.53
54.70.9.188
Sysdig SecureEndpoint: https://us2.app.sysdig.com
Website URL: https://us2.app.sysdig.com/secure/
All the traffic originating from the US West data center will have one of the following source IP addresses:
54.218.164.215
54.244.190.180
44.232.85.27

The Sysdig SaaS inbound IP addresses are:
54.190.202.108
54.203.169.53
54.70.9.188
Sysdig Collectoringest-us2.app.sysdig.com (Collector port: 6443)

ingest-alt-us2.app.sysdig.com (Collector port: 443)
54.190.202.108
54.203.169.53
54.70.9.188
Node Analyzerhttps://us2.app.sysdig.com/internal/scanning/scanning-analysis-collector
S3 URLs for Vulnerability Managementhttps://secure-feeds-production-us-west-2-263844535661.s3.us-west-2.amazonaws.com
API Docshttps://us2.app.sysdig.com/api/public/docs/index.html
https://us2.app.sysdig.com/secure/swagger.html

US West (GCP)

Sysdig ApplicationDomainIP Range
Sysdig Monitorhttps://app.us4.sysdig.comAll the traffic originating from the US West (GCP) data center will have one of the following source IP addresses:

34.105.1.7
34.127.13.141

The Sysdig SaaS inbound IP addresses are:
34.145.19.124
Sysdig SecureEndpoint: https://app.us4.sysdig.com/
Website URL: https://app.us4.sysdig.com/secure/
All the traffic originating from the US West (GCP) data center will have one of the following source IP addresses:

34.105.1.7
34.127.13.141

The Sysdig SaaS inbound IP address is:
34.145.19.124
Sysdig Collectoringest.us4.sysdig.com (Collector port: 6443)
ingest-alt.us4.sysdig.com (Collector port: 443)
34.145.123.253
Node Analyzerhttps://app.us4.sysdig.com/internal/scanning/scanning-analysis-collector
S3 URLs for Vulnerability Managementhttps://storage.googleapis.com/us4-prod-usw1-e33c-us-west1-us-secure-feeds
API Docshttps://app.us4.sysdig.com/api/public/docs/index.html
https://app.us4.sysdig.com/secure/swagger.html

European Union

Sysdig ApplicationDomainIP Range
Sysdig Monitorhttps://eu1.app.sysdig.comAll traffic originating from the European Union (EU) data center will have one of the following source IP addresses:

3.127.3.205
3.127.111.42
18.157.104.82

The Sysdig SaaS inbound IP addresses are:

18.156.190.126
18.157.62.50
3.126.167.54
Sysdig SecureEndpoint: https://eu1.app.sysdig.com
Website URL: https://eu1.app.sysdig.com/secure/
All traffic originating from the European Union (EU) data center will have one of the following source IP addresses:

3.127.3.205
3.127.111.42
18.157.104.82

The Sysdig SaaS inbound IP addresses are:

18.156.190.126
18.157.62.50
3.126.167.54
Sysdig Collectoringest-eu1.app.sysdig.com (Collector port: 6443)

ingest-alt-eu1.app.sysdig.com (Collector port: 443)
18.156.190.126
18.157.62.50
3.126.167.54
Node Analyzerhttps://eu1.app.sysdig.com/internal/scanning/scanning-analysis-collector
S3 URLs for Vulnerability Managementhttps://secure-feeds-production-eu-central-1-263844535661.s3.eu-central-1.amazonaws.com
API Docshttps://eu1.app.sysdig.com/api/public/docs/index.html
https://eu1.app.sysdig.com/secure/swagger.html

Asia Pacific (Sydney)

Sysdig ApplicationDomainIP Range
Sysdig Monitorhttps://app.au1.sysdig.comAll traffic originating from the Asia Pacific (AP) data center will have one of the following source IP addresses:

13.236.248.84
13.236.151.38
13.54.145.96

The Sysdig SaaS inbound IP addresses are:
13.238.59.195
52.62.57.59
52.64.82.29
Sysdig SecureEndpoint: https://app.au1.sysdig.com/
Website URL: https://app.au1.sysdig.com/secure/
All traffic originating from the Asia Pacific (AP) data center will have one of the following source IP addresses:

13.236.248.84
13.236.151.38
13.54.145.96

The Sysdig SaaS inbound IP addresses are:
13.238.59.195
52.62.57.59
52.64.82.29
Sysdig Collectoringest.au1.sysdig.com (Collector port: 6443)

ingest-alt.au1.sysdig.com (Collector port: 443)
13.238.59.195
52.62.57.59
52.64.82.29
Node Analyzerhttps://app.au1.sysdig.com/internal/scanning/scanning-analysis-collector
S3 URLs for Vulnerability Managementhttps://secure-feeds-production-ap-southeast-2-263844535661.s3.ap-southeast-2.amazonaws.com
API Docshttps://app.au1.sysdig.com/api/public/docs/index.html
https://app.au1.sysdig.com/secure/swagger.html

Middle East (GCP)

Sysdig ApplicationDomainIP Range
Sysdig Monitorhttps://app.me2.sysdig.comAll the traffic originating from the Dammam (GCP) data center will have the following source IP addresses:
34.166.37.127

The Sysdig SaaS inbound IP addresses is:
34.166.29.55
Sysdig SecureEndpoint: https://app.me2.sysdig.com//
Website URL: https://app.me2.sysdig.com/secure//
All the traffic originating from the Dammam (GCP (GCP) data center will have the following source IP addresses:
34.166.37.127

The Sysdig SaaS inbound IP address is:
34.166.29.55
Sysdig Collectoringest.me2.sysdig.com (Collector port: 6443)34.166.32.4
Node Analyzerhttps://app.me2.sysdig.com/internal/scanning/scanning-analysis-collector
S3 URLs for Vulnerability Managementhttps://storage.googleapis.com/me2-prod-mec2-6642-me-central2-secure-feeds
API Docshttps://app.me2.sysdig.com/api/public/docs/index.html
https://app.me2.sysdig.com/secure/swagger.html

Service-Specific Connections

Protocols

  • HTTPS (Hypertext Transfer Protocol Secure)
  • WSS (Web Socket Secure)
  • TLS (Transport Layer Security)

Sysdig Collector Ports

Sysdig Agent uses the following ports to communicate with the Sysdig Collector.

RegionsPort
US EastCollector: SSL/TLS 6443
UI/API: HTTPS 443
US WestCollector: SSL/TLS 6443
Collector Alt: SSL/TLS 443
UI/API: HTTPS 443
US West (GCP)Collector: SSL/TLS 6443
UI/API: HTTPS 443
EUCollector: SSL/TLS 6443
Collector Alt: SSL/TLS 443
UI/API: HTTPS 443
Asia Pacific (Sydney)Collector: SSL/TLS 6443
Collector Alt: SSL/TLS 443
UI/API: HTTPS 443
Middle East - Dammam (GCP)Collector: SSL/TLS 6443
UI/API: HTTPS 443

AWS Account IDs

RegionsAWS Account IDs
US East761931097553
US West263844535661
EU263844535661
Asia Pacific263844535661

Redirect URLs for Authentication

Authentication ProtocolUS EastOther Regions
SAMLSysdig Monitor
ACS URL / Sign on URL: https://app.sysdigcloud.com/api/saml/auth
Entity ID: https://app.sysdigcloud.com
Sysdig Secure
ACS URL / Sign on URL: https://secure.sysdig.com/api/saml/secureAuth
Entity ID: https://secure.sysdig.com/
Sysdig Monitor

ACS URL / Sign on URL:
https://eu1.app.sysdig.com/api/saml/auth
Entity ID: https://eu1.app.sysdig.com
ACS URL / Sign on URL:
https://us2.app.sysdig.com/api/saml/auth
Entity ID: https://us2.app.sysdig.com
ACS URL / Sign on URL:
https://app.au1.sysdig.com/api/saml/auth
Entity ID: https://app.au1.sysdig.com
ACS URL / Sign on URL:
https://app.us4.sysdig.com/api/saml/auth
Entity ID: https://app.us4.sysdig.com
ACS URL / Sign on URL:
https://app.me2.sysdig.com/api/saml/auth
Entity ID: https://app.me2.sysdig.com

Sysdig Secure
ACS URL / Sign on URL:
https://eu1.app.sysdig.com/api/saml/secureAuth
Entity ID: https://eu1.app.sysdig.com/secure/
ACS URL / Sign on URL:
https://us2.app.sysdig.com/api/saml/secureAuth
Entity ID: https://us2.app.sysdig.com/secure/
ACS URL / Sign on URL:
https://app.au1.sysdig.com/api/saml/secureAuth
Entity ID: https://app.au1.sysdig.com/secure/
ACS URL / Sign on URL:
https://app.us4.sysdig.com/api/saml/secureAuth
Entity ID: https://app.us4.sysdig.com/secure/
ACS URL / Sign on URL:
https://app.me2.sysdig.com/api/saml/secureAuth
Entity ID: https://app.me2.sysdig.com/secure/
OpenIDSysdig Monitor

Redirect URL:
https://app.sysdigcloud.com/api/oauth/openid/auth
Sysdig Secure
Redirect URL:
https://secure.sysdig.com/api/oauth/openid/secureAuth
Sysdig Monitor

Redirect URL:

https://eu1.app.sysdig.com/api/oauth/openid/auth
https://us2.app.sysdig.com/api/oauth/openid/auth
https://app.au1.sysdig.com/api/oauth/openid/auth
https://app.us4.sysdig.com/api/oauth/openid/auth
https://app.me2.sysdig.com/api/oauth/openid/auth

Sysdig Secure

Redirect URL:

https://eu1.app.sysdig.com/api/oauth/openid/secureAuth
https://us2.app.sysdig.com/api/oauth/openid/secureAuth
https://app.au1.sysdig.com/api/oauth/openid/secureAuth
https://app.us4.sysdig.com/api/oauth/openid/secureAuth
https://app.me2.sysdig.com/api/oauth/openid/secureAuth
Google OAuthSysdig Monitor

https://app.sysdigcloud.com/api/oauth/google/auth

Sysdig Secure
https://secure.sysdig.com/api/oauth/google/secureAuth
Sysdig Monitor

https://eu1.app.sysdig.com/api/oauth/google/auth
https://us2.app.sysdig.com/api/oauth/google/auth
https://app.au1.sysdig.com/api/oauth/google/auth
https://app.us4.sysdig.com/api/oauth/google/auth
https://app.me2.sysdig.com/api/oauth/google/auth

Sysdig Secure

https://eu1.app.sysdig.com/api/oauth/google/secureAuth
https://us2.app.sysdig.com/api/oauth/google/secureAuth
https://app.au1.sysdig.com/api/oauth/google/secureAuth
https://app.us4.sysdig.com/api/oauth/google/secureAuth
https://app.me2.sysdig.com/api/oauth/google/secureAuth

Prometheus Endpoints and Regions

Prometheus Remote Write

Prometheus Remote Write resides in the ingest endpoints for each region under /prometheus/remote/write. The public Prometheus Remote Write endpoints for each region are listed below:

RegionEndpoints
US Easthttps://api.sysdigcloud.com/prometheus/remote/write
US Westhttps://us2.app.sysdig.com/prometheus/remote/write
US West (GCP)https://app.us4.sysdig.com/prometheus/remote/write
European Unionhttps://eu1.app.sysdig.com/prometheus/remote/write
Asia Pacific (Sydney)https://app.au1.sysdig.com/prometheus/remote/write
Middle East - Dammam (GCP)https://app.me2.sysdig.com/prometheus/remote/write

Grafana Integrations

Use the following Prometheus endpoints for Grafana integrations.

RegionEndpoint
US Easthttps://app.sysdigcloud.com/prometheus
US Westhttps://us2.app.sysdig.com/prometheus
US West (GCP)https://app.us4.sysdig.com/prometheus
EU Centralhttps://eu1.app.sysdig.com/prometheus
Asia Pacific (Sydney)https://app.au1.sysdig.com/prometheus
Middle East - Dammam (GCP)https://app.me2.sysdig.com/prometheus