Datadog integrates with AWS GuardDuty via a Lambda function that ships GuardDuty findings to Datadog’s Log Management solution.
Create a new rule in CloudWatch with the GuardDuty Finding Event type.
If you haven’t already, set up the Datadog log collection AWS Lambda function.
Once the Lambda function is created, define the Datadog Lambda function as the target.
Save your rule.
If you haven’t already, set up the Datadog log collection AWS Lambda function.
After setting up the Lambda function, add GuardDuty as a trigger by choosing CloudWatch Events as a trigger and creating a GuardDutyRule.
Once done, visit your Datadog Log section to start exploring your logs!
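The rule, target and trigger described above can also be created with the AWS CLI. This script is an added example, not part of the original page or Datadog's own tooling; it prints the commands unless `DRY_RUN=0` is set. The Lambda ARN, statement ID and target ID are constructed placeholders, and the rule is assumed to live in the same account and region as the Lambda function.

```shell
#!/bin/sh
# Added example: AWS CLI equivalent of the console steps on this page.
# DRY_RUN=1 (default) only prints the commands; DRY_RUN=0 executes them.
DRY_RUN="${DRY_RUN:-1}"
RULE_NAME="GuardDutyRule"   # rule name used on this page

# Event pattern matching every event GuardDuty emits for a finding.
guardduty_event_pattern() {
  printf '%s' '{"source":["aws.guardduty"],"detail-type":["GuardDuty Finding"]}'
}

# Print the command in dry-run mode, execute it otherwise.
run() {
  if [ "$DRY_RUN" = "1" ]; then echo "+ $*"; else "$@"; fi
}

# Derive the rule ARN from the Lambda ARN (same partition, region, account).
# Rejects anything that is not a Lambda function ARN.
rule_arn_for() {
  case "$1" in
    arn:*:lambda:*:*:function:*) ;;
    *) echo "not a Lambda function ARN: $1" >&2; return 1 ;;
  esac
  echo "$1" | awk -F: -v n="$RULE_NAME" \
    '{print "arn:" $2 ":events:" $4 ":" $5 ":rule/" n}'
}

# Create the rule, allow it to invoke the Lambda, then attach the target.
# The permission is scoped to this one rule through --source-arn.
setup_guardduty_forwarding() {
  lambda_arn="$1"
  rule_arn="$(rule_arn_for "$lambda_arn")" || return 1
  run aws events put-rule --name "$RULE_NAME" --state ENABLED \
      --event-pattern "$(guardduty_event_pattern)" &&
  run aws lambda add-permission --function-name "$lambda_arn" \
      --statement-id "${RULE_NAME}-invoke" --action lambda:InvokeFunction \
      --principal events.amazonaws.com --source-arn "$rule_arn" &&
  run aws events put-targets --rule "$RULE_NAME" \
      --targets "Id=datadog-forwarder,Arn=$lambda_arn"
}

# Constructed placeholder ARN; replace with your Datadog log collection Lambda.
EXAMPLE_LAMBDA_ARN="arn:aws:lambda:us-east-1:123456789012:function:datadog-forwarder"
setup_guardduty_forwarding "$EXAMPLE_LAMBDA_ARN"
```

Scoping the invoke permission with `--source-arn` means only this rule can trigger the function, rather than any CloudWatch Events rule in the account.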