Agent Installation Requirements

Sysdig agents can be installed on a wide array of Linux hosts. Check your environment to ensure it meets the minimum supported platform, operating system, runtime, and orchestration requirements and uses the appropriate installation instructions.

Versioning Scheme

We recommend that you use the latest version of the agent. Sysdig supports n-3 versions back based on the minor number. For example, if the latest release is v12.0.0, we will support n-3 versions back, up to v11.2.0.

End of Support

Sysdig agents that are older than version 0.85.1, released October 1, 2018, will no longer connect to the Sysdig US-East SaaS platform with default agent values.

Going forward all the agent releases will have a 3-year deprecation policy. This implies:

  • Sysdig Support might not be able to help you troubleshoot or address the problems with agents past the deprecation date.

  • Sysdig will no longer provide prebuilt kernel probe binaries for these agent releases. You need to build the kernel probe binaries on the fly by using the hosts kernel headers.

    These changes is effective starting Sysdig agent v12.1.0.

Agent Installation Requirements

Orchestration Platforms

Tested and Supported

Sysdig agent has been tested on the following list of latest Kubernetes versions. The matrix provides a single view into the supported operating systems, architecture, and runtime versions for different flavors of Kubernetes orchestrators.

ClusterOperating SystemKubernetes VersionArchitectureRuntime
RedHat OpenShift Kubernetes Service (ROKS)Red Hatv1.22x86_64cri-o
RancherSUSE Linux Enterprise Server 15 SP2v1.20x86_64docker
OpenShift (okd4) 4.8Red Hat Enterprise Linux CoreOS 48v1.21zlinuxcri-o
OpenShift (okd4) 4.11
Red Hat Enterprise Linux CoreOS 411v1.24x86_64cri-o
OpenShift (okd3)CentOS Linux 7 (Core)v1.11x86_64docker
Kubernetes Operations (kops)Ubuntu 20.04 LTSv1.21x86_64, arm64containerd
Kubernetes Operations (kops)Ubuntu 20.04 LTSv1.26x86_64, arm64containerd
MinikubeUbuntu 20.04 LTSv1.23x86_64docker
IBM Cloud Kubernetes Service (IKS)Ubuntu 18.04 LTSv1.24x86_64containerd
Google Kubernetes Engine (GKE)Container-Optimized OS from Googlev1.24x86_64containerd
Amazon Elastic Kubernetes Service (EKS)Bottlerocket OS 1.11v1.22x86_64, arm64containerd
Amazon Elastic Kubernetes Service (EKS)Amazon Linux 2v1.22x86_64docker


Sysdig agent is supported on the following orchestration platforms:

Orchestration PlatformsDocumentation
Oracle Kubernetes Engine (OKE)Steps for OKE
Microsoft Azure Cloud ServicesAgent Install: Non-Orchestrated
Microsoft Azure Kubernetes Service (AKS)Agent Install: Kubernetes
Amazon Elastic Container Service (Amazon ECS)Agent Install: ECS
+ AWS Integration Instructions
RancherOSAgent Install: Non-Orchestrated
Mesos/MarathonAgent Install: Mesos/Marathon
Docker Datacenter (DDC)Agent Install: Non-Orchestrated

If you are not using an orchestrator in your environment, follow the instructions for Agent Install Non-Orchestrated.

Note: Installing the Sysdig agent into a namespace managed by Istio and configured for sidecar auto-injection is not supported. For example, setting kubectl label namespace sysdig-agent istio-injection=enabled. Because the agent behaves more like a host component, it is required to be part of the host PID and network namespace to function correctly. Due to this requirement, deploying the Sysdig agent in Istio with an Envoy sidecar is not supported. However, running the Sysdig agent in a non-injected namespace where Istio is installed and managing other namespaces is fully supported. See Istio integration for more details on using the Sysdig agent to monitor Istio control plane and sidecar metrics.

Linux Distributions and Kernels

Tested and Supported

Sysdig agent (installed as a service) has been tested on the following list of latest linux distros:

Operating SystemArchitecture
Amazon Linux 2x86_64
Amazon Linux 2022x86_64
Debian GNU/Linux 10 (buster)x86_64
Debian GNU/Linux 11 (bullseye)x86_64
Fedora Linux 35 (Cloud Edition)x86_64
Red Hat Enterprise Linux 8.7 (Ootpa)x86_64
Red Hat Enterprise Linux 9.1 (Plow)x86_64
Ubuntu 18.04 LTS (Bionic Beaver)x86_64
Ubuntu 20.04 LTS (Focal Fossa)x86_64
Ubuntu 22.04 LTS (Jammy Jellyfish)x86_64


Sysdig agent is supported on the following Linux distributions:


Linux Distribution

Core Set

  • Debian

  • Ubuntu

  • Ubuntu (Amazon)

  • CentOS

  • Red Hat Enterprise Linux (RHEL)

  • SuSE Linux Enterprise Server


  • Fedora

  • Fedora CoreOS

  • Linux Mint

  • Amazon Linux

  • Amazon Linux v2

  • Amazon Bottlerocket

  • Google Container Optimized OS (COS)

  • Oracle Linux (UEH)

  • Oracle Linux (RHCK)


  • Amazon Linux 2

  • Amazon Bottlerocket

  • Core set (see above)


  • Core set (see above)

  • COS


  • Core set (see above)

Container Runtimes

Sysdig agent supports the detection of the following:

  • Docker
  • LXC
  • CRI-O
  • containerd
  • Podman
  • Mesos

Tested and Supported for Docker

Sysdig agent has been tested on the following list of latest linux distros:

Operating SystemArchitecture
Amazon Linux 2x86_64, arm64
Amazon Linux 2022x86_64, arm64
Debian GNU/Linux 10 (buster)x86_64, arm64
Debian GNU/Linux 11 (bullseye)x86_64, arm64
Fedora Linux 35 (Cloud Edition)x86_64, arm64
Fedora Linux 36 (Cloud Edition)x86_64, arm64
Red Hat Enterprise Linux 7.9 (Maipo)x86_64
Red Hat Enterprise Linux 8.4 (Ootpa)zlinux
Red Hat Enterprise Linux 8.7 (Ootpa)x86_64, arm64
Red Hat Enterprise Linux 9.1 (Plow)x86_64, arm64
SLES 15 SP4x86_64, arm64
Ubuntu 18.04 LTS (Bionic Beaver)x86_64, arm64
Ubuntu 20.04 LTS (Focal Fossa)x86_64, arm64
Ubuntu 22.04 LTS (Jammy Jellyfish)x86_64, arm64

Prerequisites for Podman Environments

Sysdig agent supports running as a Podman container.

  • Enable Podman API Service for all the users.

    The agent will not able to collect Podman-managed container metadata, such as the container name, if the API service is not enabled.

  • Secure rules and policies that depend on container metadata other than the container ID will not work.

  • Pausing and terminating containers will not work because Policy actions for Podman are not supported.

  • The containers started as a non-root user will have the podman_owner_uid label associated with it if the API service is enabled for that user. The value of podman_owner_uid will be the numeric user ID corresponding to the user that started the container.

Container Registries

For example, to pull the latest agent container from

docker pull

CPU Architectures


Supported Agent Containers
  • agent
  • agent-slim
  • agent-kmodule

ARM (aarch64)

Supported kernel versions are v4.17 and above

Unsupported Features
  • Pre-built probes
  • Activity Audit
  • Sysdig agent installation using the agent container

s390x (zLinux)

Unsupported Features

No support for pre-built probes on zLinux. For kernel instrumentation, use the kernel module. eBPF probes are not supported on zLinux.


Capture is not supported on zLinux.

Legacy Agent Installation

Sysdig agent installation using agent container is not supported.

Java Versions and Vendors

Sysdig agent supports the following:

  • Java versions: v7 and above
  • Vendors: Oracle, OpenJDK

For Java-based applications (Cassandra, Elasticsearch, Kafka, Tomcat, Zookeeper and etc.), the Sysdig agent requires the Java runtime environment (JRE) to be installed to poll for metrics (beans).

If the Docker-container-based Sysdig agent is installed, the JRE is installed alongside the agent binaries and no further dependencies exist. However, if you are installing the service-based agent (non-container) and you do not see the JVM/JMX metrics reporting, your host may not have the JRE installed or it may not be installed in the expected location: usr/bin/java

Minimum Resource Requirements

The resource requirements of the agent are subjective to the size and load of the host— more activity equates to more resources required.

It is typical to see between 5-20KiB/s of bandwidth consumed—different variables can increase the throughput required such as the number of metrics, events, Kubernetes objects, and which products and features are enabled. When a Sysdig Capture is being collected, you can expect to see a spike in bandwidth while the capture file is being ingested.

We do not recommend placing bandwidth shaping or caps on the agent to ensure data can be sent to our collection service.

Additional Requirements

Access key

The installation of the Sysdig agent requires an access key.

This key and the agent installation instructions are presented to you after activating your account and using a web-based wizard upon initial login.

The same information can also be found in the Settings > Agent Installation menu of the web interface after logging in. See Agent Installation: Overview and Key for details.

Network connection

A Sysdig agent (containerized or native) is installed into each host being monitored and will need to be able to connect to the Sysdig Monitor backend servers to report host metrics. The agent must be able to reach the Sysdig Collector addresses. For example, for US East, it is ‘’ (via multiple IPs) over port tcp/6443 . See Sysdig Collector Ports for supported ports for other regions.

The agent supports the HTTP proxy for communicating with Sysdig backend components. For more information, see Enable HTTP Proxy for Agents.