{"slug": "ingestion-overview-for-self-hosted-signoz", "title": "Ingestion Overview for Self-Hosted SigNoz", "summary": "SigNoz's self-hosted/community edition does not use ingestion keys, requiring users to control their own OpenTelemetry pipeline and endpoints. The platform accepts OTLP data via gRPC on port 4317 or HTTP on port 4318, with endpoints varying by deployment environment such as Docker, Kubernetes, or virtual machines. Users must configure their language SDKs or OpenTelemetry Collectors to export data to the appropriate SigNoz OTLP endpoint based on their infrastructure setup.", "body_md": "Self-hosted/community edition of SigNoz does not use ingestion keys. You control your own OpenTelemetry pipeline and endpoints.\n\nOverview\n\nSigNoz is OpenTelemetry-native and works with [OpenTelemetry Protocol (OTLP)](https://github.com/open-telemetry/opentelemetry-proto/blob/main/docs/specification.md). Send OTLP data directly to the SigNoz OpenTelemetry Collector installed with SigNoz, or run your own collector as an agent and forward to SigNoz.\n\n- OTLP/gRPC: default port 4317\n- OTLP/HTTP: default port 4318\n\nPrerequisites\n\n- A running self-hosted SigNoz instance. See:\n[Install Self-Host SigNoz](https://signoz.io/docs/install/self-host/) - Network access from your applications/collectors to the SigNoz OTLP ports (4317 for gRPC, 4318 for HTTP)\n\nGet Started\n\n- Identify your SigNoz OTLP endpoint (host and ports). See the Address Grid below for common setups.\n- Configure your language SDKs or your own OpenTelemetry Collector to export to that endpoint.\n\nEndpoints\n\nUnless you’ve enabled TLS, use `http://`\n\non port 4317 (gRPC) or 4318 (HTTP). For gRPC without TLS, set `OTEL_EXPORTER_OTLP_PROTOCOL=grpc`\n\nand an `http://`\n\nendpoint. Some SDKs require `insecure: true`\n\nin their exporter config as well.\n\n| Protocol | Endpoint | Notes |\n|---|---|---|\n| OTLP/gRPC | \n\n```\nhttp://<signoz-host>:4317\n```\n\n | No path suffix |\n| OTLP/HTTP | \n\n```\nhttp://<signoz-host>:4318\n```\n\n | SDK adds /v1/{traces|metrics|logs} |\n\nExamples:\n\n- Local Docker/Binary:\n`http://localhost:4317`\n\nor`http://localhost:4318`\n\n- Docker network:\n`http://otel-collector:4317`\n\n- Kubernetes (same cluster):\n`<release-name>-signoz-otel-collector.<namespace>.svc.cluster.local:4317`\n\n- Exposed from Kubernetes:\n`<node-ip>:<node-port>`\n\nor`<loadbalancer-ip>:4317`\n\nCollector Address Grid\n\nUse the grid below to pick the right OTLP endpoint for your deployment.\n\n| Where SigNoz is installed? | |||||\n|---|---|---|---|---|---|\n| VM (Docker) - Same Machine | VM (Docker) - Different Machine | K8s (Same Cluster) | K8s (Different Cluster) | ||\n| Where your application is running? | VM (native/binary) | localhost:4317 | <otelcollector-IP>:4317 | <k8s-node-IP>:<otelcollector-node-port>, <k8s-loadbalancer-IP>:4317 | <k8s-node-IP>:<otelcollector-node-port>, <k8s-loadbalancer-IP>:4317 |\n| VM (Docker) | 172.17.0.1:4317, otel-collector:4317(shared network) | <otelcollector-IP>:4317 | <k8s-node-IP>:<otelcollector-node-port>, <k8s-loadbalancer-IP>:4317 | <k8s-node-IP>:<otelcollector-node-port>, <k8s-loadbalancer-IP>:4317 | |\n| Kubernetes | <otelcollector-IP>:4317 | <otelcollector-IP>:4317 | <release-name>-signoz-otel-collector.<namespace>.svc.cluster.local:4317 | <k8s-node-IP>:<otelcollector-node-port>, <k8s-loadbalancer-IP>:4317 |\n\n- For the\n`<otelcollector-IP>`\n\n, use a private IP address if the VM is in the same private network. - Replace\n`<namespace>`\n\nwith the SigNoz namespace and`<release-name>`\n\nwith the SigNoz Helm release name. - If your application and SigNoz run in different Kubernetes clusters, expose the OTLP service. Set the service type to either\n`NodePort`\n\nor`LoadBalancer`\n\n. - The grid uses OTLP/gRPC (4317). If you prefer OTLP/HTTP, use port 4318 accordingly.\n\nLanguage SDK Configuration\n\nMost language SDKs honor the signal-agnostic environment variable `OTEL_EXPORTER_OTLP_ENDPOINT`\n\n.\n\nTo configure with the signal-agnostic variable, set:\n\n```\n# gRPC\nOTEL_EXPORTER_OTLP_PROTOCOL=grpc\nOTEL_EXPORTER_OTLP_ENDPOINT=http://<signoz-host>:4317\n\n# HTTP/protobuf\nOTEL_EXPORTER_OTLP_PROTOCOL=http/protobuf\nOTEL_EXPORTER_OTLP_ENDPOINT=http://<signoz-host>:4318\n\n# Common tuning\nOTEL_EXPORTER_OTLP_COMPRESSION=gzip\nOTEL_EXPORTER_OTLP_TIMEOUT=30000   # 30s in milliseconds\n```\n\nWhen using OTLP/HTTP and the signal-agnostic endpoint, SDKs automatically append the correct path (for example, `/v1/traces`\n\n, `/v1/metrics`\n\n, `/v1/logs`\n\n). For language-specific instructions, see the [instrumentation docs](https://signoz.io/docs/instrumentation/).\n\nOpenTelemetry Collector Configuration\n\nTo forward from your own collector to SigNoz, configure the OTLP exporter:\n\n```\nexporters:\n  otlp: # gRPC\n    endpoint: '<signoz-host>:4317'\n    tls:\n      insecure: true # set to false when using TLS/HTTPS\n\n  # or use HTTP\n  otlphttp:\n    endpoint: 'http://<signoz-host>:4318'\n\nservice:\n  pipelines:\n    traces:\n      receivers: [otlp]\n      processors: [batch]\n      exporters: [otlp]\n    metrics:\n      receivers: [otlp]\n      processors: [batch]\n      exporters: [otlp]\n    logs:\n      receivers: [otlp]\n      processors: [batch]\n      exporters: [otlp]\n```\n\nFor `otlp`\n\n(gRPC), use the `tls.insecure: true`\n\noption only when sending to a plain HTTP endpoint (no TLS). For `otlphttp`\n\n, you don't need a TLS block when using `http://`\n\n. If you switch to `https://`\n\n, you can add a `tls`\n\nsection (e.g., to trust custom CAs) and set `insecure: false`\n\n.\n\nReplace the placeholders:\n\n`<signoz-host>`\n\n: Hostname or IP of your SigNoz OTLP endpoint`insecure: true`\n\n: Use only when not using TLS. Set to`false`\n\nwhen using HTTPS\n\nRead more: [OpenTelemetry Collector Configuration](https://signoz.io/docs/opentelemetry-collection-agents/opentelemetry-collector/configuration/)\n\nAuthentication\n\nSelf-hosted SigNoz requires no ingestion keys. For authentication, place SigNoz behind a reverse proxy (nginx/Traefik/HAProxy) or Kubernetes ingress and enforce TLS and auth there.\n\nImportant Considerations\n\nPayload Size\n\nThe OTLP/gRPC receiver enforces a configurable max receive message size. If you hit `ResourceExhausted`\n\nerrors on large payloads, increase `max_recv_msg_size_mib`\n\nunder the `grpc`\n\nreceiver in your collector config:\n\n```\nreceivers:\n  otlp:\n    protocols:\n      grpc:\n        max_recv_msg_size_mib: 16\n```\n\nOTLP/HTTP payload limits are controlled by the HTTP server layer and configured separately.\n\nCORS\n\nCORS is off by default for all origins. The default Docker config explicitly allows only `http://localhost:8080`\n\nand `http://localhost:8081`\n\n— every other origin, including other localhost ports, is blocked by browsers.\n\nTo allow browser telemetry from your app's origin, add it to `allowed_origins`\n\nin your OTLP/HTTP receiver config:\n\n```\nreceivers:\n  otlp:\n    protocols:\n      http:\n        cors:\n          allowed_origins:\n            - https://your-app.example.com\n```\n\nSee [CORS in OTLP HTTP Receiver](https://signoz.io/docs/userguide/otlp-http-enable-cors/) for Docker and Kubernetes instructions.\n\nCompression\n\nEnable gzip compression to reduce bandwidth. SDKs: set `OTEL_EXPORTER_OTLP_COMPRESSION=gzip`\n\n. Collectors: set `compression: gzip`\n\non each exporter.\n\nTimeouts\n\nFor SDKs, set `OTEL_EXPORTER_OTLP_TIMEOUT`\n\nin milliseconds (e.g., `30000`\n\nfor 30s). For collectors, tune `exporters -> otlp -> timeout`\n\nto match your payload size and network.\n\nRetries and Queueing\n\nFor Collector deployments, configure `retry_on_failure`\n\nand `sending_queue`\n\nto reduce data loss on transient failures:\n\n```\nexporters:\n  otlp:\n    timeout: 5s\n    compression: gzip\n    retry_on_failure:\n      enabled: true\n      initial_interval: 5s\n      max_interval: 30s\n      max_elapsed_time: 300s\n    sending_queue:\n      enabled: true\n      num_consumers: 10\n      queue_size: 1000\n```\n\nSDKs expose signal-specific env vars for batch export tuning:\n\n`OTEL_BSP_*`\n\n— batch span processor (traces)`OTEL_METRIC_EXPORT_*`\n\n— metric export interval and timeout`OTEL_BLRP_*`\n\n— batch log record processor (logs)\n\nSee the [OpenTelemetry SDK environment variables spec](https://opentelemetry.io/docs/specs/otel/configuration/sdk-environment-variables/) for all options.\n\nProtocol Choice\n\nOTLP/gRPC (port 4317) offers better performance and backpressure handling for server-side telemetry. OTLP/HTTP (port 4318) is simpler to configure, easier to debug, and required for browser-based telemetry where gRPC is not supported.\n\nTLS in Production\n\nSecure your endpoint with TLS via ingress or a reverse proxy. After enabling TLS, use `https://`\n\nendpoints and ensure your SDKs and collectors trust the certificate. See: [Secure SigNoz in Kubernetes](https://signoz.io/docs/tutorial/setting-up-tls-for-signoz/).\n\nTroubleshooting\n\nIf data doesn’t appear in SigNoz:\n\n- Verify connectivity to\n`4317`\n\n(gRPC) or`4318`\n\n(HTTP) - Check OTLP endpoints and protocol in your SDK/collector config\n- Check application and collector logs for export errors\n- Verify network/firewall/DNS reachability\n- See the Address Grid above to confirm the correct endpoint and port.\n\nMigrating from an existing OpenTelemetry setup? See: [Migrate from existing OpenTelemetry to Self-Hosted SigNoz](https://signoz.io/docs/migration/migrate-from-opentelemetry-to-signoz/).", "url": "https://wpnews.pro/news/ingestion-overview-for-self-hosted-signoz", "canonical_source": "https://signoz.io/docs/ingestion/self-hosted/overview", "published_at": "2026-06-02 00:00:00+00:00", "updated_at": "2026-06-05 12:53:30.482333+00:00", "lang": "en", "topics": ["ai-infrastructure", "mlops"], "entities": ["SigNoz", "OpenTelemetry"], "alternates": {"html": "https://wpnews.pro/news/ingestion-overview-for-self-hosted-signoz", "markdown": "https://wpnews.pro/news/ingestion-overview-for-self-hosted-signoz.md", "text": "https://wpnews.pro/news/ingestion-overview-for-self-hosted-signoz.txt", "jsonld": "https://wpnews.pro/news/ingestion-overview-for-self-hosted-signoz.jsonld"}}