Skip to main content

Network Connectivity Requirements

This page includes the outbound access requirements for locally hosted N9 Agents and Internet Protocol (IP) addresses for Nobl9 Alerts that must be allowed for inbound connections to operate in compliance with the existing firewall or IP address restrictions.

Outbound Access Requirements for Locally Hosted N9 Agents

Obtaining the Agent container image

Nobl9's Agent image is published on Docker Hub. Your Kubernetes cluster or other container runtime requires access to the Docker Hub to pull the image. You can also pull the image to a locally hosted artifact image repository and run it from there.
TCP port 443 outbound to the following:


Obtaining the sloctl image

Nobl9's sloctl image is published on Docker Hub. You can leverage it to integrate Nobl9 in the CI/CD pipelines.

N9 needs outbound TCP port 443 to the following:


AuthN/AuthZ concerns

When an Agent data source is created (in the Nobl9 web application or the N9 API, via sloctl or the Terraform provider), an OAuth2 credential is created, unique to that Agent. These credentials consist of a Client ID and Client Secret, which can be viewed in the web application as part of the agent installation instructions - they are visible within the Kubernetes YAML or Docker command line examples.

This credential allows the Agent instance to connect to Nobl9 over outbound HTTPS, identify itself, and obtain its query configurations from the Nobl9 Application.

N9 Agent container network requirements at runtime

N9 Agent needs outbound TCP port 443 to the following:

  • Nobl9 Okta instance
    • This is an Amazon ALB. As such, the IP addresses may change over time.
  • Nobl9 SaaS application
    • This is an Amazon ALB. As such, the IP addresses may change over time.
  • the data source API URL that was configured when you created the Agent in the Nobl9 UI (varies depending on data source tool or flavor and your configuration).

Nobl9 Alerts

You can opt to set configure alerts in Nobl9 to a variety of systems, including popular incident management SaaS tools (for paging), ticketing systems, chat systems (for chatops), as well as a flexible and secure customizable webhook feature (for webhooks to your CI/CD system, for example).

You may choose to receive alerts from Nobl9 through a firewall you control. These alerts originate from a predictable set of IP addresses (Amazon Elastic IPs) from which you may opt to allow inbound access to your network.

Nobl9 Alerts originate from the following IP addresses:

  • 18.159.114.21
  • 18.158.132.186
  • 3.64.154.26