---
title: Getting Started with Datadog
description: Gather your Amazon GuardDuty logs.
breadcrumbs: Docs > Integrations > Amazon GuardDuty
---

# Amazon GuardDuty

## Overview{% #overview %}

Datadog integrates with Amazon GuardDuty through a Lambda function that ships GuardDuty findings to Datadog's Log Management solution.

## Setup{% #setup %}

### Log collection{% #log-collection %}

#### Enable logging{% #enable-logging %}

1. If you haven't already, set up the [Datadog Forwarder Lambda function](https://docs.datadoghq.com/logs/guide/forwarder.md).

1. Create a new rule in [Amazon EventBridge](https://console.aws.amazon.com/events/home). Give the rule a name and select **Rule with an event pattern**. Click **Next**.

1. Build the event pattern to match your GuardDuty Findings. In the **Event source** section, select `AWS events or EventBridge partner events`. In the **Event pattern** section, specify `AWS services` for the source, `GuardDuty` for the service, and `GuardDuty Finding` as the type. Click **Next**.

1. Select the Datadog Forwarder as the target. Set `AWS service` as the target type, `Lambda function` as the target, and choose the Datadog forwarder from the dropdown `Function` menu. Click **Next**.

1. Configure any desired tags, and click **Create rule**.

#### Send your logs to Datadog{% #send-your-logs-to-datadog %}

1. In the AWS console, go to **Lambda**.

1. Click **Functions** and select the Datadog forwarder.

1. In the Function Overview section, click **Add Trigger**. Select **EventBridge (CloudWatch Events)** from the dropdown menu, and specify the rule created in the enable logging section.

1. See any new GuardDuty Findings in the [Datadog Log Explorer](https://app.datadoghq.com/logs).