Amazon Cognito
Crawler
Overview Amazon Cognito is a service that you can use to create unique identities for your users, authenticate these identities with identity providers, and save mobile user data in the AWS Cloud.
Enable this integration to see your Cognito Advanced Security metrics in Datadog.
Setup Installation If you haven’t already, set up the Amazon Web Services integration first.
Metric collection In the AWS integration tile , ensure that Cognito
is checked under metric collection. Install the Datadog - Amazon Cognito integration . Note : Advanced Security must be enabled in AWS. See the AWS documentation to add Advanced Security to a User Pool .
Log collection Enable logging Configure Amazon Cognito to send logs either to a S3 bucket or to CloudWatch.
Note : Only user pool logs can be sent. Amazon does not support the sending of other Cognito logs.
Note : If you log to a S3 bucket, make sure that amazon_cognito
is set as Target prefix .
Send logs to Datadog If you haven’t already, set up the Datadog log collection AWS Lambda function .
Once the lambda function is installed, manually add a trigger on the S3 bucket or CloudWatch log group that contains your Amazon Cognito logs in the AWS console:
Data Collected Metrics aws.cognito.compromised_credential_risk (count)Requests where Amazon Cognito detected compromised credentials aws.cognito.account_take_over_risk (count)Requests where Amazon Cognito detected account take-over risk aws.cognito.override_block (count)Requests that Amazon Cognito blocked because of the configuration provided by the developer aws.cognito.risk (count)Requests that Amazon Cognito marked as risky aws.cognito.no_risk (count)Requests where Amazon Cognito did not identify any risk aws.cognito.sign_up_successes (count)Provides the total number of successful user registration requests made to the Amazon Cognito user pool aws.cognito.sign_up_throttles (count)Provides the total number of throttled user registration requests made to the Amazon Cognito user pool aws.cognito.sign_in_successes (count)Provides the total number of successful user authentication requests made to the Amazon Cognito user pool aws.cognito.sign_in_throttles (count)Provides the total number of throttled user authentication requests made to the Amazon Cognito user pool aws.cognito.token_refresh_successes (count)Provides the total number of successful requests to refresh an Amazon Cognito token that were made to the Amazon Cognito user pool aws.cognito.token_refresh_throttles (count)Provides the total number of throttled requests to refresh an Amazon Cognito token that were made to the Amazon Cognito user pool aws.cognito.federation_successes (count)Provides the total number of successful identity federation requests to the Amazon Cognito user pool aws.cognito.federation_throttles (count)Provides the total number of throttled identity federation requests to the Amazon Cognito user pool
Events The Amazon Cognito integration does not include any events.
Service Checks The Amazon Cognito integration does not include any service checks.
Troubleshooting Need help? Contact Datadog support .