- Traffic is always initiated by the Agent to the Datadog service. No sessions are ever initiated from Datadog back to the Agent.
- All traffic is sent (outbound only) over SSL via 443 TCP.
- The destination for most Agent data is
<version>-app.agent.datadoghq.com(starting with version 5.2.0; was
app.datadoghq.comfor prior versions).
- The destination for APM data is
- The destination for Live Containers data is
- The above urls are CNAMEs; specific IP addresses are subject to change but belong to the ranges listed here:
- 17123: Agent forwarder, used to buffer traffic in case of network splits between the Agent and Datadog
- 8125: dogstatsd
- 8126: traces
- 123/UDP: NTP - More details on the importance of NTP here.
Starting with version 3.4.0, these ports are available on localhost (127.0.0.1, ::1 and fe80::1 only), unless
non_local_traffic is set to true.
Default Agent Network Traffic
RedHat and CentOS 5 (python2.4-based)
If you run CentOS 5 you can run the Agent by simply installing
datadog-agent-base. In this case traffic flows like this:
datadog-agent --(https)--> https://app.datadoghq.com
Debian, Ubuntu, Mac OS X (python2.6-based)
In most cases (on linux) you run the Agent by installing
datadog-agent: In that case traffic flows like this:
datadog-agent --(localhost:17123)--> datadog-agent --(https)--> https://app.datadoghq.com
For a detailed configuration guide on proxy setup, head over to Proxy Configuration.