SaaS Regions and IP Ranges
Sysdig SaaS applications are deployed in five data center regions:
- US East (Virginia)
- US West AWS (Oregon)
- US West GCP (Dallas)
- AP Australia (Sydney)
- European Union (Frankfurt)
- Middle East (Dammam)
- AP South (Mumbai)
At the data centers, Sysdig ensures the best security and compliance standards for your data.
This page lists the current Sysdig SaaS domains and IP ranges for each region.
Overview
Code-based Access
The endpoints for Sysdig Monitor and Sysdig Secure are the same in the US West (Amazon Web Services and Google Cloud Platform), AP Australia, and EU regions. When configuring code-based access to Sysdig Secure, use the endpoint rather than the website URL.
Single Sign-On
Sysdig SaaS users require the website address to reach the Sysdig applications. Use the appropriate website URL when configuring a single sign-on (SSO).
Collector
Sysdig agents in a SaaS-based deployment need to be able to reach the Sysdig collector. Depending on your network configuration, you may need to modify your firewall configuration to permit outbound connections from agents to the collector.
Inbound IP Addresses
The traffic originating from the Sysdig agent to the Sysdig backend is known as Sysdig SaaS inbound traffic. Allow the agent to send communication outbound on TCP 6443 to the inbound IP ranges associated with your SaaS region.
Outbound IP Addresses
Also known as source IP addresses, all the traffic originating from the Sysdig backend hosted in each region flows through one of the corresponding source IP addresses. Event Forwarding and Alert Notifications are examples of communication originating from the Sysdig backend.
Guidelines for Allowlist
Choose what to allowlist, based on the Sysdig products and features you use. The allowlist values vary based on the Sysdig Platform region you use.
Ensure that you add download.sysdig.com
to the set of URLs in the allowlist for all the Sysdig SaaS regions.
If you run:
Monitor Only
Allow:
Monitor Domain (optional, if needed to communicate with API for, as an example, an on-prem Jenkins job)
IP Ranges
Collector (endpoints and ports)
Prometheus endpoint
If you are using Prometheus remote write or on-prem Grafana.
Secure Vulnerability Management and Scanning
Allow:
Secure Endpoint
The Secure endpoint communicates to the API.
S3 Bucket where the Vulnerability database is stored.
Node analyzer
For the legacy engine host scanner; the new engine does not require you to allow the runtime scanner.
Secure Threat Detection
Allow:
- Secure Endpoint
- Collector (endpoints and ports)
Actionable Compliance KSPM
Allow:
- Secure Endpoint
On-Premises Vulnerability Feeds
Allow:
Secure Endpoint
The Secure endpoint communicates to the API.
S3 Bucket where Vulnerability database is stored.
Note: This is only necessary for the Vulnerability Management engine until air-gapped support is available.
Sysdig Platform Regions
US East (North Virginia)
Sysdig Application | Domain | IP Range |
---|---|---|
Sysdig Monitor | https://app.sysdigcloud.com | All the traffic originating from the US East data center will have one of the following source IP addresses: 54.82.115.3 50.19.72.123 18.207.87.189 The Sysdig SaaS inbound IP addresses are: 18.214.168.193 3.210.216.124 44.196.252.240 |
Sysdig Secure | Endpoint: https://secure.sysdig.com Website URL: https://secure.sysdig.com | All the traffic originating from the US East data center will have one of the following source IP addresses: 54.82.115.3 50.19.72.123 18.207.87.189 The Sysdig SaaS inbound IP addresses are: 18.214.168.193 3.210.216.124 44.196.252.240 |
Sysdig Collector | collector.sysdigcloud.com (Collector port: 6443) collector-alt.sysdigcloud.com (Collector port: 443) | 18.214.168.193 3.210.216.124 44.196.252.240 |
Node Analyzer | https://collector.sysdigcloud.com/internal/scanning/scanning-analysis-collector | |
S3 URLs for Vulnerability Management | https://secure-feeds-production-us-east-1-761931097553.s3.us-east-1.amazonaws.com | |
API Docs | https://app.sysdigcloud.com/api/public/docs/index.html https://secure.sysdig.com/swagger.html |
US West (Oregon)
Sysdig Application | Domain | IP Range |
---|---|---|
Sysdig Monitor | https://us2.app.sysdig.com | All the traffic originating from the US West data center will have one of the following source IP addresses: 54.218.164.215 54.244.190.180 44.232.85.27 The Sysdig SaaS inbound IP addresses are: 54.190.202.108 54.203.169.53 54.70.9.188 |
Sysdig Secure | Endpoint: https://us2.app.sysdig.com Website URL: https://us2.app.sysdig.com/secure/ | All the traffic originating from the US West data center will have one of the following source IP addresses: 54.218.164.215 54.244.190.180 44.232.85.27 The Sysdig SaaS inbound IP addresses are: 54.190.202.108 54.203.169.53 54.70.9.188 |
Sysdig Collector | ingest-us2.app.sysdig.com (Collector port: 6443) ingest-alt-us2.app.sysdig.com (Collector port: 443) | 54.190.202.108 54.203.169.53 54.70.9.188 |
Node Analyzer | https://us2.app.sysdig.com/internal/scanning/scanning-analysis-collector | |
S3 URLs for Vulnerability Management | https://secure-feeds-production-us-west-2-263844535661.s3.us-west-2.amazonaws.com | |
API Docs | https://us2.app.sysdig.com/api/public/docs/index.html https://us2.app.sysdig.com/secure/swagger.html |
US West (GCP)
Sysdig Application | Domain | IP Range |
---|---|---|
Sysdig Monitor | https://app.us4.sysdig.com | All the traffic originating from the US West (GCP) data center will have one of the following source IP addresses: 34.105.1.7 34.127.13.141 The Sysdig SaaS inbound IP addresses are: 34.145.19.124 |
Sysdig Secure | Endpoint: https://app.us4.sysdig.com/ Website URL: https://app.us4.sysdig.com/secure/ | All the traffic originating from the US West (GCP) data center will have one of the following source IP addresses: 34.105.1.7 34.127.13.141 The Sysdig SaaS inbound IP address is: 34.145.19.124 |
Sysdig Collector | ingest.us4.sysdig.com (Collector port: 6443) ingest-alt.us4.sysdig.com (Collector port: 443) | 34.145.123.253 |
Node Analyzer | https://app.us4.sysdig.com/internal/scanning/scanning-analysis-collector | |
S3 URLs for Vulnerability Management | https://storage.googleapis.com/us4-prod-usw1-e33c-us-west1-us-secure-feeds | |
API Docs | https://app.us4.sysdig.com/api/public/docs/index.html https://app.us4.sysdig.com/secure/swagger.html |
European Union
Sysdig Application | Domain | IP Range |
---|---|---|
Sysdig Monitor | https://eu1.app.sysdig.com | All traffic originating from the European Union (EU) data center will have one of the following source IP addresses: 3.127.3.205 3.127.111.42 18.157.104.82 The Sysdig SaaS inbound IP addresses are: 18.156.190.126 18.157.62.50 3.126.167.54 |
Sysdig Secure | Endpoint: https://eu1.app.sysdig.com Website URL: https://eu1.app.sysdig.com/secure/ | All traffic originating from the European Union (EU) data center will have one of the following source IP addresses: 3.127.3.205 3.127.111.42 18.157.104.82 The Sysdig SaaS inbound IP addresses are: 18.156.190.126 18.157.62.50 3.126.167.54 |
Sysdig Collector | ingest-eu1.app.sysdig.com (Collector port: 6443) ingest-alt-eu1.app.sysdig.com (Collector port: 443) | 18.156.190.126 18.157.62.50 3.126.167.54 |
Node Analyzer | https://eu1.app.sysdig.com/internal/scanning/scanning-analysis-collector | |
S3 URLs for Vulnerability Management | https://secure-feeds-production-eu-central-1-263844535661.s3.eu-central-1.amazonaws.com | |
API Docs | https://eu1.app.sysdig.com/api/public/docs/index.html https://eu1.app.sysdig.com/secure/swagger.html |
Asia Pacific (Sydney)
Sysdig Application | Domain | IP Range |
---|---|---|
Sysdig Monitor | https://app.au1.sysdig.com | All traffic originating from the Asia Pacific (AP) data center will have one of the following source IP addresses: 13.236.248.84 13.236.151.38 13.54.145.96 The Sysdig SaaS inbound IP addresses are: 13.238.59.195 52.62.57.59 52.64.82.29 |
Sysdig Secure | Endpoint: https://app.au1.sysdig.com/ Website URL: https://app.au1.sysdig.com/secure/ | All traffic originating from the Asia Pacific (AP) data center will have one of the following source IP addresses: 13.236.248.84 13.236.151.38 13.54.145.96 The Sysdig SaaS inbound IP addresses are: 13.238.59.195 52.62.57.59 52.64.82.29 |
Sysdig Collector | ingest.au1.sysdig.com (Collector port: 6443) ingest-alt.au1.sysdig.com (Collector port: 443) | 13.238.59.195 52.62.57.59 52.64.82.29 |
Node Analyzer | https://app.au1.sysdig.com/internal/scanning/scanning-analysis-collector | |
S3 URLs for Vulnerability Management | https://secure-feeds-production-ap-southeast-2-263844535661.s3.ap-southeast-2.amazonaws.com | |
API Docs | https://app.au1.sysdig.com/api/public/docs/index.html https://app.au1.sysdig.com/secure/swagger.html |
Middle East (GCP)
Sysdig Application | Domain | IP Range |
---|---|---|
Sysdig Monitor | https://app.me2.sysdig.com | All the traffic originating from the Dammam (GCP) data center will have the following source IP addresses: 34.166.37.127 The Sysdig SaaS inbound IP addresses is: 34.166.29.55 |
Sysdig Secure | Endpoint: https://app.me2.sysdig.com/ Website URL: https://app.me2.sysdig.com/secure/ | All the traffic originating from the Dammam (GCP (GCP) data center will have the following source IP addresses: 34.166.37.127 The Sysdig SaaS inbound IP address is: 34.166.29.55 |
Sysdig Collector | ingest.me2.sysdig.com (Collector port: 6443) | 34.166.32.4 |
Node Analyzer | https://app.me2.sysdig.com/internal/scanning/scanning-analysis-collector | |
S3 URLs for Vulnerability Management | https://storage.googleapis.com/me2-prod-mec2-6642-me-central2-secure-feeds | |
API Docs | https://app.me2.sysdig.com/api/public/docs/index.html https://app.me2.sysdig.com/secure/swagger.html |
Asia Pacific South (Mumbai)
Sysdig Application | Domain | IP Range |
---|---|---|
Sysdig Monitor | https://app.in1.sysdig.com | All the traffic originating from the Mumbai data center will have the following source IP addresses: 13.232.18.255 3.111.123.49 65.2.7.2 The Sysdig SaaS inbound IP addresses are: 13.201.147.2 3.6.182.175 43.205.223.39 |
Sysdig Secure | Endpoint: https://app.in1.sysdig.com Website URL: https://app.in1.sysdig.com/secure/ | All the traffic originating from the Mumbai data center will have the following source IP addresses: 13.232.18.255 3.111.123.49 65.2.7.2 The Sysdig SaaS inbound IP addresses are: 13.201.147.2 3.6.182.175 43.205.223.39 |
Sysdig Collector | ingest.in1.sysdig.com (Collector port: 6443) | 13.201.147.2 3.6.182.175 43.205.223.39 |
S3 URLs for Vulnerability Management | https://secure-feeds-production-ap-south-1-975050200984.s3.ap-south-1.amazonaws.com | |
API Docs | https://app.in1.sysdig.com/apidocs/monitor/ https://app.in1.sysdig.com/apidocs/secure/ |
Service-Specific Connections
Protocols
- HTTPS (Hypertext Transfer Protocol Secure)
- WSS (Web Socket Secure)
- TLS (Transport Layer Security)
Sysdig Collector Ports
Sysdig Agent uses the following ports to communicate with the Sysdig Collector.
Regions | Port |
---|---|
US East | Collector: SSL/TLS 6443 UI/API: HTTPS 443 |
US West | Collector: SSL/TLS 6443 Collector Alt: SSL/TLS 443 UI/API: HTTPS 443 |
US West (GCP) | Collector: SSL/TLS 6443 UI/API: HTTPS 443 |
EU | Collector: SSL/TLS 6443 Collector Alt: SSL/TLS 443 UI/API: HTTPS 443 |
Asia Pacific (Sydney) | Collector: SSL/TLS 6443 Collector Alt: SSL/TLS 443 UI/API: HTTPS 443 |
Middle East - Dammam (GCP) | Collector: SSL/TLS 6443 UI/API: HTTPS 443 |
AP South (Mumbai) | Collector: SSL/TLS 6443 UI/API: HTTPS 443 |
AWS Account IDs
Regions | AWS Account IDs |
---|---|
US East | 761931097553 |
US West | 263844535661 |
EU | 263844535661 |
Asia Pacific | 263844535661 |
AP South (Mumbai) | 975050200984 |
Redirect URLs for Authentication
Prometheus Endpoints and Regions
Prometheus Remote Write
Prometheus Remote Write resides in the ingest endpoints for each region under /prometheus/remote/write
. The public Prometheus Remote Write endpoints for each region are listed below:
Region | Endpoints |
---|---|
US East | https://api.sysdigcloud.com/prometheus/remote/write |
US West | https://us2.app.sysdig.com/prometheus/remote/write |
US West (GCP) | https://app.us4.sysdig.com/prometheus/remote/write |
European Union | https://eu1.app.sysdig.com/prometheus/remote/write |
Asia Pacific (Sydney) | https://app.au1.sysdig.com/prometheus/remote/write |
Middle East - Dammam (GCP) | https://app.me2.sysdig.com/prometheus/remote/write |
AP South (Mumbai) | https://app.in1.sysdig.com/prometheus/remote/write |
Grafana Integrations
Use the following Prometheus endpoints for Grafana integrations.
Region | Endpoint |
---|---|
US East | https://app.sysdigcloud.com/prometheus |
US West | https://us2.app.sysdig.com/prometheus |
US West (GCP) | https://app.us4.sysdig.com/prometheus |
EU Central | https://eu1.app.sysdig.com/prometheus |
Asia Pacific (Sydney) | https://app.au1.sysdig.com/prometheus |
Middle East - Dammam (GCP) | https://app.me2.sysdig.com/prometheus |
AP South (Mumbai) | https://app.in1.sysdig.com/prometheus |
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.