Learn About Connected Environments
If you have one or more on-prem Cribl Edge environments and Cribl.Cloud Organization(s), you can configure Connected Environments.
Connected Environments enables you to:
Take advantage of Cribl.Cloud. You can use Connected Environments to connect an on-prem Leader to Cribl.Cloud, then use Cribl.Cloud infrastructure management capabilities, the credit-based billing model, as well as Cribl Lake and Cribl Search solutions. For example, you have on-prem environments but you want to use the credit billing model, and you want to send Cribl metric data to Cribl Lake/Search. From there, you can build dashboards to monitor Cribl throughput and performance.
Send data from an on-prem deployment to a Cribl.Cloud deployment. If you previously had an on-prem deployment of Cribl and you are moving forward with a Cloud-first or Cloud only solution, you can use connected environments to onboard your data from on-prem Edge Nodes to Cribl.Cloud Edge Nodes and transfer data without incurring double billing costs. See Send Data from On-Prem to Cribl.Cloud for implementation details.
For full access to Connected Environments, upgrade Cribl Edge to 4.8.2 or newer.
Accomplish this by creating a connection between the on-prem Leader and the Cribl.Cloud Leader. Then, use the Connections page in your Cribl.Cloud account to manage credit consumption for all of your on-prem environments from one Cribl.Cloud interface. This feature is called Universal Subscription.
This section provides instructions for connecting on-prem Leaders to Cribl.Cloud.
Understand Environment Compatibility
| Sender → Receiver | Org/Workspace scenario | Cribl HTTP/TCP Support | Receiver Billed for Ingest? | Example Deployments | Notes |
|---|---|---|---|---|---|
| Same Leader | Same Workspace | ✓ | No |
| This is the default Cribl to Cribl pattern. |
| Different Leaders | Same on-prem license key | ✓ | No |
| Treated as a single paid environment via shared key. |
| Different Leaders | Two Workspaces in the same Cribl.Cloud Org | ✓ | No |
| Requires supported versions and shared Org - uses auth tokens on 4.15+. |
| Different Leaders | Different Cribl.Cloud Orgs | ✓ | Yes | Enterprise customer Org A → MSSP Org B via Cribl HTTP/TCP. | Supported, but the receiving Org is billed. No single-ingest across Orgs. |
| On-prem → Cribl.Cloud | No Connected Environments or Universal Subscription. Same paid Org/license. | ✓ | No | On-prem Cribl Stream or Edge → Cribl.Cloud-managed Worker Group for central processing (same license/org). | Standard Edge → Stream or Stream → Stream “hub” architectures. |
| On-prem → Cribl.Cloud | Different paid Orgs, no Universal Subscription. | ✓ | Yes | Hybrid Worker Group for Customer A → Managed Worker Group in MSP Org B. | Counts as two separate paid environments. |
| Hybrid Worker Group → Cribl.Cloud Hybrid or Managed Worker Group | Same Organization | ✓ | Yes | Cribl.Cloud Hybrid Worker Group in Workspace A → Cribl.Cloud-managed Worker Group in Workspace B. | Typical “hybrid WG in Workspace A → Cloud WG in Workspace B” expansion path. |
| Hybrid Worker Group → Cribl.Cloud Hybrid or Managed Worker Group | Different Organization | ✓ | Yes | Hybrid Worker Group for Customer A → Managed Worker Group in MSP Org B. | Counts as two separate paid environments. |
| On-prem Cribl Edge or Stream → Cribl.Cloud Hybrid Worker Group | Same Org with Universal Subscription | ✓ | Yes | On-prem Edge Fleet with Universal Subscription → Cribl.Cloud Hybrid Worker Group | Not supported for single-ingest billing. Treated as separate environments. |
| On-prem Cribl Edge or Stream → Cribl.Cloud-managed Worker Group | Same Org with Universal Subscription | ✓ | Yes | On-prem Worker Group with Universal Subscription → Cribl.Cloud-managed Worker Group in a Workspace. | US governs billing of on-prem env; Cloud ingest is billed normally unless also covered by shared key/Org rules. |
| Cross-environment flow on free tier | N/A | Not supported | Free-tier Workspace ↔ paid Org. | Free tier license or subscriptions don’t qualify for single-ingest benefit. |
Before You Begin Connecting On-Prem Leaders
There are a few tasks you must complete before you can start connecting your on-prem Leader to Cribl.Cloud:
Create a Cribl.Cloud account.
To set up connected environments, you must have an Enterprise Cribl.Cloud account.
Decide how you want to connect to the Leader.
There are two methods you can use to connect an on-prem Leader to a Cribl.Cloud Leader:
- From the Cribl.Cloud account in Connections > Connected Environments.
- From the on-prem Leader in Distributed Settings > Cloud Connection.
Purchase a Cribl.Cloud Enterprise Plan with credits.
Credits serve as the virtual transaction currency in the Cribl product suite. Each Cribl product has a predefined usage rate, and as you use the products, credits are deducted from your initial pool.
Configuration Considerations
Take these considerations into account for your on-prem Leader, allowlists, security groups, and Workspaces:
- You must be on Cribl Edge version 4.8.2 or newer.
- Ports: Make sure that port
4200is open on the Leader, with TCP protocol. See Leader Ports for more information. - Proxy: Connected Environments doesn’t support proxied connections.
- TLS: The connection between the Cribl.Cloud Leader and the on-prem Leader
must be encrypted using TLS. When you configure the
CRIBL_CLOUD_WORKSPACE_URLenvironment variable, it will start withtls://, which enforces TLS. - Static IPs: For IP address allowlist or security group rules, you can find the static IPs of your Cribl.Cloud
Leader in Workspace > Access > Leader NLB IPs. You can also use the
nslookupcommand to obtain static IPs. - Workspaces: Workspaces are separate infrastructure. For allowlists and security groups, ensure that you add each IP address individually as each Workspace has a unique IP.