---
title: CrowdStrike
description: Collect CrowdStrike real-time detection events as Datadog logs
---

# CrowdStrike
Integration version 1.0.0
## Overview{% #overview %}

[CrowdStrike](https://www.crowdstrike.com/) is a single-agent solution to stop breaches, ransomware, and cyber attacks with comprehensive visibility and protection across endpoints, workloads, data, and identity.

The CrowdStrike integration allows you to collect real-time CrowdStrike detection events and alerts as Datadog logs.

## Setup{% #setup %}

### Installation{% #installation %}

No installation is required.

### Configuration{% #configuration %}

#### Enabling event streaming{% #enabling-event-streaming %}

Before you can connect to the [Event Stream](https://docs.datadoghq.com/service_management/events/explorer/), [contact the CrowdStrike support team](https://supportportal.crowdstrike.com/) to enable API streaming on your customer account.

#### Connecting your CrowdStrike Account{% #connecting-your-crowdstrike-account %}

Once streaming is enabled, add a new API client in CrowdStrike:

1. Sign in to the Falcon console.
1. Go to [Support > API Clients and Keys](https://falcon.crowdstrike.com/support/api-clients-and-keys).
1. Click **Add new API client**.
1. Enter a descriptive client name that identifies your API client in Falcon and in API action logs (for example, `Datadog`).
1. Optionally, enter a description such as your API client's intended use.
1. Select **Read** access for all API scopes.
1. Click **Add**.

#### Enabling log collection{% #enabling-log-collection %}

Add the API client details on the [CrowdStrike integration tile](https://app.datadoghq.com/integrations/crowdstrike) in Datadog:

1. Click **Connect a CrowdStrike Account**.
1. Copy over your API client ID, client secret, and API domain for your datacenter. See a list of available API domains in the [CrowdStrike API Domains](https://falcon.us-2.crowdstrike.com/documentation/page/a2a7fc0e/crowdstrike-oauth2-based-apis) section of CrowdStrike's "OAuth2-Based APIs" documentation.
1. Optionally, enter a comma-separated list of tags.
1. Click **Submit**.

After a few minutes, [logs](https://app.datadoghq.com/logs/) with the source `crowdstrike` appear on the [CrowdStrike Log Overview dashboard](https://app.datadoghq.com/dash/integration/32115/crowdstrike-overview).

## Data Collected{% #data-collected %}

### Metrics{% #metrics %}

The CrowdStrike integration does not include any metrics.

### Events{% #events %}

The CrowdStrike integration allows Datadog to ingest the following events:

- Detection Summary
- Firewall Match
- Identity Protection
- Idp Detection Summary
- Incident Summary
- Authentication Events
- Detection Status Updates
- Uploaded IoCs
- Network Containment Events
- IP Allowlisting Events
- Policy Management Events
- CrowdStrike Store Activity
- Real Time Response Session Start/End
- Event stream start/stop

These events appear on the [CrowdStrike Log Overview dashboard](https://app.datadoghq.com/dash/integration/32115/crowdstrike-overview).

### Service Checks{% #service-checks %}

The CrowdStrike integration does not include any service checks.

## Troubleshooting{% #troubleshooting %}

Need help? Contact [Datadog support](https://docs.datadoghq.com/help/).
