Datadog
Last updated
Was this helpful?
Last updated
Was this helpful?
The Dropzone platform integrates with the security SIEM. Many customers ingest other alert sources into DataDog (e.g. IDPs) and integrate Dropzone into DataDog rather than the source systems.
Datadog requires both an API Key and an Application Key to enable.
To obtain an API Key, do the following:
In the bottom left hand corner of your Datadog Dashboard, click on your organization icon
Navigate to Organization Settings > API Keys
Click "New Key"
Name your token something memorable, such as "dropzone.ai," then click "Create Key"
Copy the key generated for use later in the Dropzone UI where it is called "API Key," then click "Finish"
To obtain an Application Key, do the following:
In the bottom left hand corner of your Datadog Dashboard, click on your organization icon
Navigate to Organization Settings > Application Keys
Click "New Key"
Name the key something memorable, such as "dropzone.ai," then click "Create Key"
In the "Scope" section, select "Edit"
Assign the key the following scopes, then click "Save":
logs_read_data
security_monitoring_signals_read
Copy the key generated for use later in the Dropzone UI where it is called "Application Key," then click "Finish"
To enable the Data Source integration, you will need the following information:
API Key
The API key value you generated earlier
Application Key
The Application key value you generated earlier
Datadog site
The same as your url in Datadog, e.g. datadoghq.com, us3.datadoghq.com, etc
Navigate to your Dropzone AI tenant home page e.g. https://mycompany.dropzone.app
In the bottom left hand corner, click Settings > Integrations
Click "Available"
In the Search bar, search Datadog, then click "Configure"
Under the Data Source heading, input the API Key, Application Key, and your Datadog site
Click "Test & Save" to finish
If you have any errors engage your Dropzone AI support representative.
To enable the Data Source integration, you will need the following information:
API Key
The API key value you generated earlier
Application Key
The Application key value you generated earlier
Datadog site
The same as your url in Datadog, eg datadoghq.com, us3.datadoghq.com, etc
Navigate to your Dropzone AI tenant home page e.g. https://mycompany.dropzone.app
In the bottom left hand corner, click Settings > Integrations
Click "Available"
In the Search bar, search Datadog, then click "Configure"
Under the Alert Source heading, input the API Key, Application Key, and your Datadog site
Under "Enabled Severities", check the box for each known Datadog Security Monitoring Signal source you want to retrieve signals for
Input your desired Poll interval and lookback
Click "Test & Save" to finish
If you have any errors engage your Dropzone AI support representative.
In the "Excluded Titles" section, you may choose Datadog signal to exclude from searches
