Monitor Scamalytics risk scores, Tor exit nodes, and VPN usage.
Visualize traffic origins and top foreign IP sources.
このページは日本語には対応しておりません。随時翻訳に取り組んでいます。
翻訳に関してご質問やご意見ございましたら、
お気軽にご連絡ください。
Overview
Scamalytics transforms raw IP traffic into actionable threat intelligence. The platform provides IP enrichment and generates accurate risk scores for every IP address, offering clear, evidence-based context for each connection. It identifies anonymization methods such as VPNs, proxies, Tor nodes, and data center traffic, and attributes requests by geolocation, ASN, and ISP. Scamalytics also performs abuse and blacklist checks, giving organizations insight into suspicious or high-risk IP activity.
This integration collects Scamalytics logs in Datadog to visualize risk distribution, monitor threat patterns by geography, and trigger automated alerts for high-risk connections. Additionally, this integration allows Scamalytics to query Datadog logs in order to correlate IP reputation data with application activity and investigate security incidents with full historical context.
Setup
Run the following command to install the Agent integration:
datadog-agent integration install -t datadog-scamalytics_ti==1.0.0
Open conf.d/scamalytics.d/conf.yaml and add the Scamalytics API endpoint URL along with your API key.
init_config:
instances:
- url: "https://api.scamalytics.com/?ip="
- api_key: "<YOUR_API_KEY>"
Restart the Agent.
Verify the integration is working
Run datadog-agent check scamalytics
The Scamalytics integration automatically detects and scans IP addresses found in Datadog’s standard network attributes:
- Inbound Traffic (
network.client.ip) - Outbound Traffic (
network.destination.ip)
Uninstallation
- Run the
datadog-agent integration remove command. - Click Uninstall to remove the included dashboard.
Support
Need help? Contact Scamalytics.
