Self-Host - This page is relevant for self-hosted SigNoz editions.

Ingestion Overview

Info

Self-hosted/community edition of SigNoz does not use ingestion keys. You control your own OpenTelemetry pipeline and endpoints.

Overview

SigNoz is OpenTelemetry-native and works with OpenTelemetry Protocol (OTLP). For self-hosted deployments, you typically send OTLP data directly to the SigNoz OpenTelemetry Collector that is installed with SigNoz, or to a collector you manage and then forward it to SigNoz.

  • OTLP/gRPC: default port 4317
  • OTLP/HTTP: default port 4318

Prerequisites

  • A running self-hosted SigNoz instance. See: Install Self-Host SigNoz
  • Network access from your applications/collectors to the SigNoz OTLP ports (4317 for gRPC, 4318 for HTTP)

Get Started

  1. Identify your SigNoz OTLP endpoint (host and ports). See the Address Grid below for common setups.
  2. Configure your language SDKs or your own OpenTelemetry Collector to export to that endpoint.

Endpoints

Use the appropriate protocol and port based on your setup. Unless you’ve enabled TLS/ingress, use non‑TLS endpoints (http://) on 4317 (gRPC) or 4318 (HTTP). For gRPC, also set OTEL_EXPORTER_OTLP_INSECURE=true (or the equivalent client option) as some SDKs require it explicitly.

ProtocolEndpointNotes
OTLP/gRPC
http://<signoz-host>:4317
No path suffix
OTLP/HTTP
http://<signoz-host>:4318
SDK adds /v1/{traces|metrics|logs}

Examples:

  • Local Docker/Binary: http://localhost:4317 or http://localhost:4318
  • Docker network: http://otel-collector:4317
  • Kubernetes (same cluster): <release-name>-signoz-otel-collector.<namespace>.svc.cluster.local:4317
  • Exposed from Kubernetes: <node-ip>:<node-port> or <loadbalancer-ip>:4317

Collector Address Grid

You might have specific setups for your application and your SigNoz cluster. It’s not always obvious which address to use to send data. Use the grid below to quickly pick the right OTLP endpoint.

Where SigNoz is installed?
VM (Docker) - Same MachineVM (Docker) - Different MachineK8s (Same Cluster)K8s (Different Cluster)
Where your application is running?VM (native/binary)localhost:4317<otelcollector-IP>:4317<k8s-node-IP>:<otelcollector-node-port>, <k8s-loadbalancer-IP>:4317<k8s-node-IP>:<otelcollector-node-port>, <k8s-loadbalancer-IP>:4317
VM (Docker)172.17.0.1:4317, otel-collector:4317(shared network)<otelcollector-IP>:4317<k8s-node-IP>:<otelcollector-node-port>, <k8s-loadbalancer-IP>:4317<k8s-node-IP>:<otelcollector-node-port>, <k8s-loadbalancer-IP>:4317
Kubernetes<otelcollector-IP>:4317<otelcollector-IP>:4317<release-name>-signoz-otel-collector.<namespace>.svc.cluster.local:4317<k8s-node-IP>:<otelcollector-node-port>, <k8s-loadbalancer-IP>:4317
📝 Note
  1. For the <otelcollector-IP>, use a private IP address if the VM is in the same private network.
  2. Replace <namespace> with the SigNoz namespace and <release-name> with the SigNoz Helm release name.
  3. If your application and SigNoz run in different Kubernetes clusters, expose the OTLP service. Set the service type to either NodePort or LoadBalancer.
  4. The grid uses OTLP/gRPC (4317). If you prefer OTLP/HTTP, use port 4318 accordingly.
⚠️ Using HTTPS/TLS

For production, secure your endpoint with TLS via ingress or a reverse proxy. After enabling TLS, use an https:// endpoint (often on port 443) and ensure your SDKs/collectors trust the certificate. See:

Secure SigNoz in Kubernetes

Language SDK Configuration

Most language SDKs honor the signal-agnostic environment variable OTEL_EXPORTER_OTLP_ENDPOINT.

If you are using the signal-agnostic variable, you can set:

# gRPC (recommended)
OTEL_EXPORTER_OTLP_PROTOCOL=grpc
OTEL_EXPORTER_OTLP_ENDPOINT=http://<signoz-host>:4317

# OR HTTP/protobuf
OTEL_EXPORTER_OTLP_PROTOCOL=http/protobuf
OTEL_EXPORTER_OTLP_ENDPOINT=http://<signoz-host>:4318

# Common tuning
OTEL_EXPORTER_OTLP_COMPRESSION=gzip
OTEL_EXPORTER_OTLP_TIMEOUT=30000   # 30s
OTEL_EXPORTER_OTLP_INSECURE=true   # when not using TLS

When using OTLP/HTTP and the signal-agnostic endpoint, SDKs automatically append the correct path (for example, /v1/traces, /v1/metrics, /v1/logs). For language-specific instructions, see the instrumentation docs.

OpenTelemetry Collector Configuration

If you run your own collector (agent or gateway) and want to forward to SigNoz, set the OTLP exporter to point at your SigNoz collector:

/deploy/docker/otel-collector-config.yaml
exporters:
  otlp: # gRPC
    endpoint: '<signoz-host>:4317'
    tls:
      insecure: true # set to false when using TLS/HTTPS

  # or use HTTP
  otlphttp:
    endpoint: 'http://<signoz-host>:4318'

service:
  pipelines:
    traces:
      receivers: [otlp]
      processors: [batch]
      exporters: [otlp]
    metrics:
      receivers: [otlp]
      processors: [batch]
      exporters: [otlp]
    logs:
      receivers: [otlp]
      processors: [batch]
      exporters: [otlp]
TLS with OTLP exporters

For otlp (gRPC), use the tls.insecure: true option only when sending to a plain HTTP endpoint (no TLS). For otlphttp, you don't need a TLS block when using http://. If you switch to https://, you can add a tls section (e.g., to trust custom CAs) and set insecure: false.

This configures an OpenTelemetry Collector to forward telemetry to your SigNoz instance. Replace the placeholders:

  • <signoz-host>: Hostname or IP of your SigNoz OTLP endpoint
  • insecure: true: Use only when not using TLS. Set to false when using HTTPS

Read more: OpenTelemetry Collector Configuration

Authentication

No ingestion keys are required for self-hosted SigNoz. If you need authentication, place SigNoz behind a reverse proxy (nginx/Traefik/HAProxy) or Kubernetes ingress and enforce TLS and auth there.

Best Practices

  • Prefer OTLP/gRPC where possible (better performance, backpressure) and OTLP/HTTP for browser-based telemetry.
  • Enable compression to reduce bandwidth and improve reliability. SDKs: OTEL_EXPORTER_OTLP_COMPRESSION=gzip. Collectors: compression: gzip on exporters.
  • Configure retries and queueing (Collector) for resilience. Use retry_on_failure and sending_queue. Refer to the recommended defaults below.
  • Tune timeouts. For SDKs, use OTEL_EXPORTER_OTLP_TIMEOUT. For collectors, adjust exporters -> otlp -> timeout based on payload size and network.
  • Watch payload size limits. gRPC receivers/exporters enforce limits (e.g., max_recv_msg_size_mib is set to 16MB). Increase if needed. See examples in Linux install and Azure Container Apps.
  • For frontend/browser telemetry, explicitly enable CORS on the OTLP/HTTP receiver. See CORS in OTLP HTTP Receiver.
  • Use TLS in production via ingress or reverse proxy; update SDKs and collectors to trust the certificates.

Recommended exporter defaults:

/etc/otelcol/config.yaml
exporters:
  otlp:
    timeout: 5s
    compression: gzip
    retry_on_failure:
      enabled: true
      initial_interval: 5s
      max_interval: 30s
      max_elapsed_time: 300s
    sending_queue:
      enabled: true
      num_consumers: 10
      queue_size: 1000

Troubleshooting

If data doesn’t appear in SigNoz:

  • Verify connectivity to 4317 (gRPC) or 4318 (HTTP)
  • Double-check OTLP endpoints and protocol in your SDK/collector
  • Review application and collector logs for export errors
  • Confirm network/firewall/DNS reachability
  • Refer to the Address Grid above to verify the correct endpoint and port.

If you are migrating an existing OpenTelemetry setup to SigNoz, see: Migrate from existing OpenTelemetry to Self-Hosted SigNoz.

Last updated: October 23, 2025

Edit on GitHub

Was this page helpful?

Prev
Troubleshooting
Next
Cloud vs Self-Hosted
On this page
Overview
Prerequisites
Get Started
Endpoints
Collector Address Grid
Language SDK Configuration
OpenTelemetry Collector Configuration
Authentication
Best Practices
Troubleshooting
Docs
IntroductionContributingMigrate from DatadogSigNoz API
Community
Support
Slack
X
Launch Week
Changelog
Dashboard Templates
DevOps Wordle
Newsletter
KubeCon, Atlanta 2025
More
SigNoz vs DatadogSigNoz vs New RelicSigNoz vs GrafanaSigNoz vs Dynatrace
Careers
AboutTermsPrivacySecurity & Compliance
SigNoz
All systems operational