Cribl cloud access details information

Matt Markwald

What are the URL's and addresses used for in the Cribl cloud access details pop up:

Brian Yearwood

This page includes DNS, IP, and Amazon Web Service details. These can be used in allow lists, setting firewall access, etc. The trust field is the ARN for the AWS role that the group is running under. This can be used with an AWS account to allow you to assume a role in that account. An example is using Assume Role to allow your Cribl role access to a role in your AWS account with policies allowing it to write and read from an S3 bucket.
Here is some more information from the docs:  https://community.cribl.io/home/leaving?allowTrusted=1&target=https%3A%2F%2Fdocs.cribl.io%2Fstream%2Fcloud-portal%2F%23overview

1/ The addresses in the field "Cribl.cloud URL" are the addresses associated with the load balancer that is in front of the Leader which are static addresses.

Hybrid workers and Edge nodes will connect to this address on port 4200. The Leader UI and API are served from this address on port 443.

2/ The addresses in the field "Ingress IP's" are the addresses of the worker’s load balancer.

When configuring push type data sources these are the addresses that data will be sent to.

At present there is an internal Cribl bug (SAAS-5873) where the IP addresses of the leader’s load balancer are displayed here too, the team are currently working on a fix for this.

3/ The addresses in the field "Egress IP's" are the addresses that will be used for both outbound connections from the workers and pull type data sources. By default these are not static IP addresses and should a Cribl cloud customer wish to have static egress addresses this can be requested via a Cribl support case

Brian Yearwood

This page includes DNS, IP, and Amazon Web Service details. These can be used in allow lists, setting firewall access, etc. The trust field is the ARN for the AWS role that the group is running under. This can be used with an AWS account to allow you to assume a role in that account. An example is using Assume Role to allow your Cribl role access to a role in your AWS account with policies allowing it to write and read from an S3 bucket.
Here is some more information from the docs:  https://community.cribl.io/home/leaving?allowTrusted=1&target=https%3A%2F%2Fdocs.cribl.io%2Fstream%2Fcloud-portal%2F%23overview

1/ The addresses in the field "Cribl.cloud URL" are the addresses associated with the load balancer that is in front of the Leader which are static addresses.

Hybrid workers and Edge nodes will connect to this address on port 4200. The Leader UI and API are served from this address on port 443.

2/ The addresses in the field "Ingress IP's" are the addresses of the worker’s load balancer.

When configuring push type data sources these are the addresses that data will be sent to.

At present there is an internal Cribl bug (SAAS-5873) where the IP addresses of the leader’s load balancer are displayed here too, the team are currently working on a fix for this.

3/ The addresses in the field "Egress IP's" are the addresses that will be used for both outbound connections from the workers and pull type data sources. By default these are not static IP addresses and should a Cribl cloud customer wish to have static egress addresses this can be requested via a Cribl support case