Overview
Use AWS Transit Gateway to interconnect your virtual private clouds (VPCs) and on-premises networks.
Enable this integration to see all your Transit Gateway metrics in Datadog.
Setup
Installation
If you haven’t already, set up the Amazon Web Services integration first.
Metric & Resource collection
- In the AWS integration page, ensure that TransitGateway is enabled under the Metric Collection tab.
- Add the following permissions to your Datadog IAM policy to collect AWS Transit Gateway resources.
AWS Permission | Description |
---|---|
ec2:DescribeTransitGateways | Grants permission to describe one or more transit gateways |
ec2:DescribeTransitGatewayVPCAttachments | Grants permission to describe one or more VPC attachments on a transit gateway. |
ec2:DescribeTransitGatewayRouteTables | Grants permission to describe one or more transit gateway route tables. |
ec2:GetTransitGatewayPrefixListReferences | Grants permission to get information about prefix list references for a transit gateway route table. |
ec2:SearchTransitGatewayRoutes | Grants permission to search for routes in a transit gateway route table. |
- Install the Datadog - AWS Transit Gateway integration.
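One way to confirm that a policy document grants the five actions in the table above before attaching it, added here as an example and not taken from Datadog's or AWS's own tooling. The function names and the sample policy are constructed for illustration, and the check ignores the Resource, Condition and NotAction elements.

```python
import json
from fnmatch import fnmatchcase

# The five actions listed in the permissions table on this page.
REQUIRED_ACTIONS = [
    "ec2:DescribeTransitGateways",
    "ec2:DescribeTransitGatewayVPCAttachments",
    "ec2:DescribeTransitGatewayRouteTables",
    "ec2:GetTransitGatewayPrefixListReferences",
    "ec2:SearchTransitGatewayRoutes",
]

def _as_list(value):
    """IAM accepts either a single value or a list for Statement and Action."""
    if value is None:
        return []
    return value if isinstance(value, list) else [value]

def _matches(action, patterns):
    # IAM action names are case-insensitive; '*' and '?' act as wildcards.
    return any(fnmatchcase(action.lower(), p.lower()) for p in patterns)

def missing_actions(policy_json, required=REQUIRED_ACTIONS):
    """Return the required actions that the policy does not effectively allow.

    Simplification (assumption): Resource, Condition and NotAction are ignored,
    so a statement that uses NotAction contributes nothing.
    """
    policy = json.loads(policy_json)
    allowed, denied = [], []
    for stmt in _as_list(policy.get("Statement")):
        actions = _as_list(stmt.get("Action"))
        if stmt.get("Effect") == "Allow":
            allowed += actions
        elif stmt.get("Effect") == "Deny":
            denied += actions
    # An explicit Deny always overrides an Allow.
    return [a for a in required
            if not _matches(a, allowed) or _matches(a, denied)]

# Constructed sample policy: a Describe wildcard plus one explicit action.
SAMPLE_POLICY = json.dumps({
    "Version": "2012-10-17",
    "Statement": [
        {"Effect": "Allow", "Action": "ec2:Describe*", "Resource": "*"},
        {"Effect": "Allow", "Action": ["ec2:SearchTransitGatewayRoutes"], "Resource": "*"},
    ],
})
```

A broad `ec2:Describe*` grant covers only three of the five actions, so `missing_actions(SAMPLE_POLICY)` reports the `Get` action as still missing.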
Log collection
Enable Transit Gateway flow logging
Transit Gateway flow logs can be sent to an S3 bucket or a CloudWatch log group.
- In the AWS console, go to the Transit Gateway you want to monitor.
- Go to the Flow logs tab.
- Click Create flow log.
- Select the S3 bucket or the CloudWatch log group to send the logs to.
Note: Include the string transit-gateway in the S3 bucket name to enable automatic log parsing.
Send logs to Datadog
- If you haven’t already, set up the Datadog Forwarder Lambda function in your AWS account.
- Navigate to the Datadog Forwarder Lambda function in your AWS account. In the Function Overview section, click Add Trigger.
- Select the S3 or CloudWatch Logs trigger for the Trigger Configuration.
- Select the S3 bucket or CloudWatch log group that contains your Transit Gateway logs.
- For S3, leave the event type as All object create events.
- Click Add to add the trigger to your Lambda.
After a few minutes, Transit Gateway flow logs appear in your Log Explorer.
For more information on collecting AWS Services logs, see Send AWS Services Logs with the Datadog Lambda Function.
Data Collected
Metrics
aws.transitgateway.bytes_in (count) | The number of bytes received by the transit gateway. Shown as byte |
aws.transitgateway.bytes_out (count) | The number of bytes sent from the transit gateway. Shown as byte |
aws.transitgateway.packet_drop_count_blackhole (count) | The number of packets dropped because they matched a blackhole route. Shown as packet |
aws.transitgateway.packet_drop_count_no_route (count) | The number of packets dropped because they did not match a route. Shown as packet |
aws.transitgateway.packets_in (count) | The number of packets received by the transit gateway. Shown as packet |
aws.transitgateway.packets_out (count) | The number of packets sent by the transit gateway. Shown as packet |
Events
The AWS Transit Gateway integration does not include any events.
Service Checks
The AWS Transit Gateway integration does not include any service checks.
Troubleshooting
Need help? Contact Datadog support.