Amazon Shield
Crawler
Overview Amazon provides Shield Standard and Shield Advanced for protection against DDoS attacks.
Enable this integration to see all your Shield metrics in Datadog.
Setup Installation If you haven’t already, set up the Amazon Web Services integration first.
Metric collection In the AWS integration tile , ensure that Shield
is checked under metric collection. Install the Datadog - Amazon Shield integration . Log collection Enable logging Configure Amazon Shield to send logs either to a S3 bucket or to CloudWatch.
Note : If you log to a S3 bucket, make sure that amazon_shield
is set as Target prefix .
Send logs to Datadog If you haven’t already, set up the Datadog log collection AWS Lambda function .
Once the lambda function is installed, manually add a trigger on the S3 bucket or CloudWatch log group that contains your Amazon Shield logs in the AWS console:
Data Collected Metrics aws.ddosprotection.ddo_sdetected (count)Indicates a DDoS event for a particular Amazon Resource Name (ARN). aws.ddosprotection.ddo_sattack_bits_per_second (gauge)The number of bytes observed during a DDoS event for a particular Amazon Resource Name (ARN).Shown as byte aws.ddosprotection.ddo_sattack_requests_per_second (gauge)The number of requests observed during a DDoS event for a particular Amazon Resource Name (ARN).Shown as request aws.ddosprotection.ddo_sattack_packets_per_second (gauge)The number of packets observed during a DDoS event for a particular Amazon Resource Name (ARN).Shown as packet
Events The Amazon Shield integration does not include any events.
Service Checks The Amazon Shield integration does not include any service checks.
Troubleshooting Need help? Contact Datadog support .