Amazon Security Hub

Amazon Security Hub

Overview

AWS Security Hub provides you with a comprehensive view of your security state in AWS and helps you check your environment against security industry standards and best practices.

This integration enables you to see all your Security Hub logs in Datadog.

Setup

Datadog uses AWS EventBridge to forward SecurityHub events as logs to Datadog.

  1. Go to Amazon EventBridge.
  2. In the Create a new rule pane, click Create rule.
  3. In the Name and description pane, type a name for your rule in the Name field and if you want, type a description for your rule in the Description field.
  4. In the Define pattern pane, select Event pattern, and then select Pre-defined pattern by service to build an event pattern.
  5. From the Service provider list, select AWS.
  6. From the Service name list, select SecurityHub.
  7. From the Event type list, select All Events.
  8. In the Select event bus pane, select AWS default event bus.
  9. In the Select targets pane, from the Target list, select Lambda function.
  10. Select the Datadog forwarder to send logs to Datadog.
  11. Click Create.

Troubleshooting

Need help? Contact Datadog support.