Wiz

Supported OS Linux Windows Mac OS

Overview

With Wiz, you can send audit logs and issues, including threats and toxic combinations, to Datadog Cloud SIEM using the Wiz API. In addition, you can:

  • Control your Wiz data retention.
  • Build custom widgets and dashboards.
  • Set up detection rules that trigger specific actions.
  • Cross-reference Wiz events with the data from other services.

Datadog’s integration with Wiz collects logs using the Wiz API, which generates two types of logs:

  • Audit Logs: These logs include actions performed by team members in the Wiz account. These logs also include report and issue updates. Use audit logs to detect unusual activity in your Wiz accounts and to support investigations.
  • Issues: Pull logs containing Wiz issues to provide visibility into your cloud infrastructure’s vulnerabilities, threats, and misconfigurations. The Wiz integration will collect Wiz toxic combinations.

Setup

Step 1: Generate an Access Token in Wiz

Log in to Wiz and generate a bearer token.

You need to collect the following information for use in the next step:

  • The token URL
  • Query URL
  • Client ID
  • Client secret

Step 2: Connect your Wiz account to Datadog

To get started, copy the access token key from the previous step.

  1. Enter a Name for the account.
  2. Paste the Token URL from your Wiz account into the Token URL field.
  3. Paste the Query URL from your Wiz account into the Query URL field.
  4. Paste the Client ID from your Wiz account into the Client ID field.
  5. Paste the Client Secret from your Wiz account into the Client Secret field.

Click the checkmark to save the configuration.

Validation

Go to the Logs explorer and search your Datadog logs with source:wiz. If you installed the integration correctly, you should be able to see Wiz events.

Data Collected

Metrics

The Wiz integration does not include any metrics.

Service Checks

The Wiz integration does not include any service checks.

Events

The Wiz integration does not include any events.

Logs

The Wiz integration collects audit logs and issues.

Troubleshooting

Need help from Datadog? Contact Datadog support. Alternatively, if you need help from Wiz, contact Wiz support.