To get started with Datadog Cloud SIEM (Security Information and Event Management), follow these steps:
For step-by-step instructions on how to start detecting threats in your AWS CloudTrail logs, see the AWS Configuration Guide for Cloud SIEM.
If you already have a logging source, follow the in-app onboarding to begin collecting logs from that source.
Datadog’s Log Collection documentation provides detailed information on collecting logs from many different sources into Datadog. All ingested logs are first parsed and enriched. Detection Rules then apply in real time to all processed logs, maximizing detection coverage without the performance or cost concerns traditionally associated with indexing all of your log data. Read more about Datadog’s Logging without Limits™.
Datadog provides out-of-the-box Detection Rules, which begin detecting threats in your environment immediately. The Detection Rules enabled by default detect threats according to known best practices. More mature security organizations may wish to enable additional Detection Rules to detect more advanced threats. More advanced templates are also included to provide guidance on detecting threats in your custom applications. Refer to the Detection Rules documentation for further details.
When a Detection Rule detects a threat, it generates a Security Signal. Security Signals can be correlated and triaged in the Security Signals Explorer. Refer to the Security Signals Explorer documentation for further details.