Security Home

Overview

The Security Home page is an entry point to your Cloud SIEM (Security Information and Event Management) environment. Readily access logs that are analyzed to detect threats, signals generated from default or custom log detection rules, and threats that require attention and remediation. See the status of logging sources and configure new sources in one location.

The Cloud SIEM Home page showing the number of logs analyzed, signals, and high/critical signals, along with AWS and Azure as log sources

Analyzed logs

Get an overview of analyzed logs across all sources for a quick audit, or select Logs Analyzed to see a list of your analyzed logs in Log Explorer for a more granular investigation. In Log Explorer, filter by log facets or aggregate your logs to examine the analyzed logs in more detail.

Signals

Analyze the number of signals generated and the number of detection rules that are triggering signals, or select Signals to filter by log detection rules in the Signals Explorer.

Detect threats

With real-time threat detection, if a rule is matched, Datadog evaluates the severity and whether anyone should be notified. See how many threats have been detected across all entities in your environment from the Security Home page. Select High/Critical Signals to see malicious entities in the Signals Explorer. Select any entity to review its generated signal for more details and remediation.

Analyze sources

If a source is generating more signals or analyzing logs more frequently at any point in time, Datadog automatically flags this moment on a source’s graph in the Sources Analyzed table to help you pinpoint potential threats and trends.

Click on any source, and select View generated signals or View related logs to see more details. If there is an out-of-the-box integration dashboard for the source, select View integration’s dashboard to use the information for your investigations.

You can also configure new sources in this table. Click on the Configure Source button to set up log collection for a new source.
