AWS Shield

This page is not yet available in Spanish. We are working on its translation.
If you have any questions or feedback about our current translation project, feel free to reach out to us!

Overview

AWS provides Shield Standard and Shield Advanced for protection against DDoS attacks.

Enable this integration to see all your AWS Shield metrics in Datadog.

Setup

Installation

If you haven’t already, set up the Amazon Web Services integration first.

Metric collection

  1. In the AWS integration page, ensure that DDoSProtection is enabled under the Metric Collection tab.
  2. Install the Datadog - AWS Shield integration.

Log collection

Enable logging

Configure AWS Shield to send logs either to a S3 bucket or to CloudWatch.

Note: If you log to a S3 bucket, make sure that amazon_shield is set as Target prefix.

Send logs to Datadog

  1. If you haven’t already, set up the Datadog Forwarder Lambda function.

  2. Once the Lambda function is installed, manually add a trigger on the S3 bucket or CloudWatch log group that contains your AWS Shield logs in the AWS console:

Data Collected

Metrics

aws.ddosprotection.ddo_sattack_bits_per_second
(gauge)
The number of bytes observed during a DDoS event for a particular Amazon Resource Name (ARN).
Shown as byte
aws.ddosprotection.ddo_sattack_packets_per_second
(gauge)
The number of packets observed during a DDoS event for a particular Amazon Resource Name (ARN).
Shown as packet
aws.ddosprotection.ddo_sattack_requests_per_second
(gauge)
The number of requests observed during a DDoS event for a particular Amazon Resource Name (ARN).
Shown as request
aws.ddosprotection.ddo_sdetected
(count)
Indicates a DDoS event for a particular Amazon Resource Name (ARN).

Events

The AWS Shield integration does not include any events.

Service Checks

The AWS Shield integration does not include any service checks.

Troubleshooting

Need help? Contact Datadog support.