Datadog

The Dropzone platform integrates with the Datadog security SIEM. Many customers ingest other alert sources into DataDog (e.g. IDPs) and integrate Dropzone into DataDog rather than the source systems.

Create an API Key and Application Key

Datadog requires both an API Key and an Application Key to enable.

To obtain an API Key, do the following:

• In the bottom left hand corner of your Datadog Dashboard, click on your organization icon

• Navigate to Organization Settings > API Keys

• Click "New Key"

• Name your token something memorable, such as "dropzone.ai," then click "Create Key"

• Copy the key generated for use later in the Dropzone UI where it is called "API Key," then click "Finish"

To obtain an Application Key, do the following:

• In the bottom left hand corner of your Datadog Dashboard, click on your organization icon

• Navigate to Organization Settings > Application Keys

• Click "New Key"

• Name the key something memorable, such as "dropzone.ai," then click "Create Key"

• In the "Scope" section, select "Edit"

• Assign the key the following scopes, then click "Save":

  • logs_read_data

  • security_monitoring_signals_read

• Copy the key generated for use later in the Dropzone UI where it is called "Application Key," then click "Finish"

Enable Datadog

To enable the Data Source integration, you will need the following information:

• Navigate to your Dropzone AI tenant home page e.g. https://mycompany.dropzone.app

• In the bottom left hand corner, navigate to Settings > Integrations

• Click "Available"

• In the Search bar, search Datadog, then click "Configure"

• Under the Data Source heading, input the API Key, Application Key, and your Datadog site

• If you wish to enable Datadog's Flex Logs, check the box labeled "Enabled" in the Flex Logs section

• Click "Test & Save" to finish

If you have any errors engage your Dropzone AI support representative.