Overview
Sysdig SaaS applications are deployed in five data center regions—US East (Virginia), US West AWS (Oregon), US West GCP (Dallas), AP Australia (Sydney) and the European Union (Frankfurt). At the data centers, Sysdig ensures the best security and compliance standards for your data. This page lists the current Sysdig SaaS domains and IP ranges for each region.
For code-based access: Note: The endpoints for Sysdig Monitor and Sysdig Secure are the same in the US West (AWS and GCP), AP Australia, and EU regions. When configuring code-based access to Sysdig Secure, use the endpoint rather than the website URL.
For Single Sign-On: Sysdig SaaS users require the website address to reach the Sysdig applications. Use the appropriate website URL while configuring a single sign-on.
Collector: Additionally, Sysdig agents in a SaaS-based deployment need to be able to reach the Sysdig collector. Depending on your network configuration, you might need to modify your firewall configuration to permit outbound connections from agents to the collector.
Inbound IP Addresses: The traffic originating from the Sysdig agent to the Sysdig backend is known as inbound traffic. Allow the agent to send communication outbound on TCP 6443 to the inbound IP ranges associated with your SaaS region.
Outbound IP Addresses: Also known as source IP addresses and all the traffic originating from the Sysdig backend hosted in each region flows through one of the corresponding source IP addresses.
Whitelisting Guidance
Choose what to whitelist based on the Sysdig products and features you use. If you run:
Monitor Only
Whitelist:
- Monitor Domain (optional, if needed to communicate with API for, e.g., an on-prem Jenkins job)
- IP Ranges
- Collector (endpoints, ports)
- Prometheus endpoint (if using Prometheus remote write or onprem Grafana)
Secure Vuln Management/Scanning
Whitelist:
- Secure Endpoint (communicates to API)
- S3 Bucket
- Node analyzer (for old engine host scanner; new engine does not require whitelist for the runtime scanner)
Secure Threat Detection
Whitelist:
- Secure Endpoint
- Collector (endpoints, ports)
Actionable Compliance KSPM
- Secure Endpoint
Americas
US East (North Virginia)
| Sysdig Application | Domain | IP Range |
|---|---|---|
| Sysdig Monitor | https://app.sysdigcloud.com | All the traffic originating from the US East datacenter will have one of the following source IP addresses: 54.82.115.3 50.19.72.123 18.207.87.189 The inbound IP addresses are: 18.214.168.193 3.210.216.124 44.196.252.240 |
| Sysdig Secure | Endpoint: https://secure.sysdig.com Website URL: https://secure.sysdig.com | |
| Sysdig Collector | collector.sysdigcloud.com (Collector port: 6443) | |
| Node Analyzer | https://collector-static.sysdigcloud.com/internal/scanning/scanning-analysis-collector | |
| S3 URLs for Vulnerability Management | https://secure-feeds-production-us-east-1-761931097553.s3.us-east-1.amazonaws.com | |
| API Docs | https://app.sysdigcloud.com/api/public/docs/index.html https://secure.sysdig.com/swagger.html |
US West (Oregon)
| Sysdig Application | Domain | IP Range |
|---|---|---|
| Sysdig Monitor | https://us2.app.sysdig.com | All the traffic originating from the US West datacenter will have one of the following source IP addresses: 54.218.164.215 54.244.190.180 44.232.85.27 The inbound IP addresses are: 54.190.202.108 54.203.169.53 54.70.9.188 |
| Sysdig Secure | Endpoint: https://us2.app.sysdig.com Website URL: https://us2.app.sysdig.com/secure/ | |
| Sysdig Collector | ingest-us2.app.sysdig.com (Collector port: 6443) ingest-alt-us2.app.sysdig.com (Collector port: 443) | |
| Node Analyzer | https://us2.app.sysdig.com/internal/scanning/scanning-analysis-collector | |
| S3 URLs for Vulnerability Management | https://secure-feeds-production-us-west-2-263844535661.s3.us-west-2.amazonaws.com | |
| API Docs | https://us2.app.sysdig.com/api/public/docs/index.html https://us2.app.sysdig.com/secure/swagger.html |
US West (GCP)
| Sysdig Application | Domain | IP Range |
|---|---|---|
| Sysdig Monitor | https://app.us4.sysdig.com | Outbound IP: 34.105.1.7 34.127.13.141 Inbound IP: 34.145.19.124 |
| Sysdig Secure | Endpoint: https://app.us4.sysdig.com/ Website URL: https://app.us4.sysdig.com/secure/ | |
| Sysdig Collector | ingest.us4.sysdig.com | Inbound IP: 34.145.123.253 |
| Node Analyzer | https://app.us4.sysdig.com/internal/scanning/scanning-analysis-collector | |
| S3 URLs for Vulnerability Management | https://storage.googleapis.com/us4-prod-usw1-e33c-us-west1-us-secure-feeds | |
| API Docs | https://app.us4.sysdig.com/api/public/docs/index.html https://app.us4.sysdig.com/secure/swagger.html |
European Union
| Sysdig Application | Domain | IP Range |
|---|---|---|
| Sysdig Monitor | https://eu1.app.sysdig.com | All traffic originating from the European Union (EU) datacenter will have one of the following source IP addresses: 3.127.3.205 3.127.111.42 18.157.104.82 The inbound IP addresses are: 18.156.190.126 18.157.62.50 3.126.167.54 |
| Sysdig Secure | Endpoint: https://eu1.app.sysdig.com Website URL: https://eu1.app.sysdig.com/secure/ | |
| Sysdig Collector | ingest-eu1.app.sysdig.com (Collector port: 6443) ingest-alt-eu1.app.sysdig.com (Collector port: 443) | |
| Node Analyzer | https://eu1.app.sysdig.com/internal/scanning/scanning-analysis-collector | |
| S3 URLs for Vulnerability Management | https://secure-feeds-production-eu-central-1-263844535661.s3.eu-central-1.amazonaws.com | |
| API Docs | https://eu1.app.sysdig.com/api/public/docs/index.html https://eu1.app.sysdig.com/secure/swagger.html |
Asia Pacific (Sydney)
| Sysdig Application | Domain | IP Range |
|---|---|---|
| Sysdig Monitor | https://app.au1.sysdig.com | Outbound IPs: 13.236.248.84 13.236.151.38 13.54.145.96 The inbound IPs: 13.238.59.195 52.62.57.59 52.64.82.29 |
| Sysdig Secure | Endpoint: https://app.au1.sysdig.com/ Website URL: https://app.au1.sysdig.com/secure/ | |
| Sysdig Collector | ingest.au1.sysdig.com | |
| Node Analyzer | https://app.au1.sysdig.com/internal/scanning/scanning-analysis-collector | |
| S3 URLs for Vulnerability Management | https://secure-feeds-production-ap-southeast-2-263844535661.s3.ap-southeast-2.amazonaws.com | |
| API Docs | https://app.au1.sysdig.com/api/public/docs/index.html https://app.au1.sysdig.com/secure/swagger.html |
Sysdig Collector Ports
Sysdig Agent uses the following ports to communicate with the Sysdig Collector.
| Regions | Port |
|---|---|
| US East | Collector: SSL/TLS 6443 Collector: TCP 6666 UI/API: HTTPS 443 |
| US West | Collector: SSL/TLS 6443 Collector Alt: SSL/TLS 443 UI/API: HTTPS 443 |
| US West (GCP) | Collector: SSL/TLS 6443 UI/API: HTTPS 443 |
| EU | Collector: SSL/TLS 6443 Collector Alt: SSL/TLS 443 UI/API: HTTPS 443 |
| Asia Pacific (Sydney) | Collector: SSL/TLS 6443 UI/API: HTTPS 443 |
AWS Account IDs
| Regions | AWS Account IDs |
|---|---|
| US East | 761931097553 |
| US West | 263844535661 |
| EU | 263844535661 |
Redirect URLs for Authentication
Prometheus Endpoints
Use the following Prometheus endpoints for Grafana integrations.
| Region | Endpoint |
|---|---|
| US East | https://app.sysdigcloud.com/prometheus |
| US West | https://us2.app.sysdig.com/prometheus |
| US West (GCP) | https://app.us4.sysdig.com/prometheus |
| EU Central | https://eu1.app.sysdig.com/prometheus |
| Asia Pacific (Sydney) | https://app.au1.sysdig.com/prometheus |