If you have one or more on-prem Cribl Edge environments and Cribl.Cloud Organization(s), you can configure Connected Environments.

Connected Environments enables you to:

• Use Cribl.Cloud with on-prem deployments. Connect an on-prem Leader to Cribl.Cloud to use Cloud infrastructure management, the credit-based billing model, and Cribl Lake and Cribl Search. For example, you can send Cribl metric data to Cribl Lake or Cribl Search, then build dashboards to monitor throughput and performance.

• Move data from on-prem to Cribl.Cloud. Onboard data from on-prem Edge Nodes to Cribl.Cloud Edge Nodes without incurring double billing costs. See Send Data from On-Prem to Cribl.Cloud for details.

Connected Environments does not support proxied connections. Make sure the connection between your on-prem Leader and Cribl.Cloud does not pass through a proxy.

To set up Connected Environments, create a connection between the on-prem Leader and the Cribl.Cloud Leader. Then use the Connections page in your Cribl.Cloud account to manage credit consumption for all of your on-prem environments from one interface. This feature is called Universal Subscription.

Understand Environment Compatibility ​

For supported Stream and Edge combinations, auth tokens, recommended transports, and known limitations, see Cribl-to-Cribl compatibility matrix.

Before You Begin Connecting On-Prem Leaders ​

Confirm that your environments meet these requirements before you connect an on-prem Leader to Cribl.Cloud:

• Cribl.Cloud plan: Your Cribl.Cloud account uses an Enterprise plan. See Cribl.Cloud pricing.
• On-prem version: Your on-prem Cribl Edge deployment runs version 4.8.2 or newer.
• Distributed mode: Your on-prem deployment runs in Distributed mode. Only a Leader can connect to Cribl.Cloud. Single-instance (standalone) deployments aren’t supported.
• Port: Port 4200 is open on the on-prem Leader, using the TCP protocol.
• TLS: The connection uses TLS. Cribl Edge enforces TLS for the connection.
• No proxy: The connection does not pass through a proxy.

Connection Methods ​

Cribl supports two methods for connecting an on-prem Leader to a Cribl.Cloud Leader:

• From the Cribl.Cloud account in Connections > Connected Environments.
• From the on-prem Leader in Distributed Settings > Cloud Connection.

Credits serve as the virtual transaction currency in the Cribl product suite. Each Cribl product has a predefined usage rate, and as you use the products, credits are deducted from your initial pool.

Configuration Considerations ​

Take these considerations into account for your on-prem Leader, allowlists, security groups, and Workspaces:

• Ports: Make sure that port 4200 is open on the Leader, with TCP protocol. See Leader Ports for more information.
• TLS: The connection between the Cribl.Cloud Leader and the on-prem Leader must be encrypted using TLS. When you configure the CRIBL_CLOUD_WORKSPACE_URL environment variable, the value must start with tls://, which enforces TLS. Cribl Edge validates the Cribl.Cloud Leader’s certificate against public certificate authorities, so you can’t disable certificate validation or supply a custom CA path for this connection.
• Connection host: The connection URL must point to a Cribl.Cloud hostname, such as <your-workspace>-<organization-id>.cribl.cloud.
• Static IPs: For IP address allowlist or security group rules, you can find the static IPs of your Cribl.Cloud Leader in Workspace > Access > Leader NLB IPs. You can also use the nslookup command to obtain static IPs.
• Workspaces: Workspaces are separate infrastructure. For allowlists and security groups, ensure that you add each IP address individually as each Workspace has a unique IP.