Datadog is a SaaS-based monitoring and analytics platform for large-scale applications and infrastructure. To learn more about Datadog, see the Datadog documentation.
Britive can deliver audit logs to Datadog via a webhook. Datadog's custom log intake endpoint accepts custom log data points, and once it is configured, Britive streams audit logs to that endpoint. Britive also allows filters to be created when forwarding audit events, so customers can send different events to different endpoints, if required.
Configuration on Datadog
Provision a Datadog intake endpoint. For more information, see Datadog API reference - Logs. An example curl command to test this is:
curl -X POST -H 'Content-Type: application/json' -d '{"test": "test"}' 'https://http-intake.logs.us5.datadoghq.com/api/v2/logs?dd-api-key=<apikey>&ddsource=demo&service=br'
Replace us5 in this example to match your Datadog deployment.
Provide an API Key for your environment. For more information, see Datadog - API Key.
The ddsource and service parameters are fully configurable; enter values suitable for your environment. Once the curl command is working, you can create a notification medium in Britive using the URL.
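An added example (not Britive or Datadog code) that builds the intake URL, confirms that Datadog answers a test event with 202 Accepted, and prints the URL only with the API key masked, since the key is part of the URL. The function names, the DD_SITE and DD_API_KEY variables, and the sample ddsource and service values are assumptions.

```shell
#!/bin/sh
# Added example: check a Datadog log intake URL before giving it to Britive.
# Function names, DD_SITE/DD_API_KEY and the sample values are hypothetical.

# Build the intake URL. $1=site, $2=API key, $3=ddsource, $4=service.
# Rejects empty values and characters that would need URL-encoding.
dd_intake_url() {
    [ "$#" -eq 4 ] || { echo "usage: dd_intake_url SITE KEY SOURCE SERVICE" >&2; return 1; }
    for v in "$@"; do
        case $v in
            ''|*[!A-Za-z0-9._-]*)
                # Do not echo the value: it may be the API key.
                echo "dd_intake_url: empty or unsafe argument" >&2
                return 1 ;;
        esac
    done
    printf 'https://http-intake.logs.%s/api/v2/logs?dd-api-key=%s&ddsource=%s&service=%s\n' \
        "$1" "$2" "$3" "$4"
}

# Mask the API key so the URL can be pasted into tickets or logs.
dd_redact_url() {
    printf '%s\n' "$1" | sed -E 's/(dd-api-key=)[^&]*/\1<redacted>/'
}

# POST a test event to the URL in $1; succeed only on HTTP 202 Accepted.
# Returns 2 when curl itself fails (DNS, TLS, network).
dd_test_intake() {
    code=$(curl -sS -o /dev/null -w '%{http_code}' -X POST \
        -H 'Content-Type: application/json' \
        -d '{"test": "test"}' "$1") || return 2
    [ "$code" = "202" ]
}

# Runs only when a key is supplied in the environment.
if [ -n "${DD_API_KEY:-}" ]; then
    url=$(dd_intake_url "${DD_SITE:-us5.datadoghq.com}" "$DD_API_KEY" demo demo-service) || exit 1
    if dd_test_intake "$url"; then
        echo "intake OK: $(dd_redact_url "$url")"
    else
        echo "intake check failed: $(dd_redact_url "$url")" >&2
        exit 1
    fi
fi
```
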
Configuration on Britive
Create a Webhook notification medium using the URL from the Datadog provisioning step. For more information, see Creating a Notification Medium.
Create a webhook delivery in Audit Logs. For more information, see Managing Webhooks.
Leave the filter blank to receive ALL audit logs.
Add a filter if you want to receive a subset of the logs.
Once configuration is complete and 15 minutes have passed (the initial configuration of audit log webhooks is eventually consistent), you can start to see data flowing into Datadog.