- 필수 기능
- 시작하기
- Glossary
- 표준 속성
- Guides
- Agent
- 통합
- 개방형텔레메트리
- 개발자
- Administrator's Guide
- API
- Datadog Mobile App
- CoScreen
- Cloudcraft
- 앱 내
- 서비스 관리
- 인프라스트럭처
- 애플리케이션 성능
- APM
- Continuous Profiler
- 스팬 시각화
- 데이터 스트림 모니터링
- 데이터 작업 모니터링
- 디지털 경험
- 소프트웨어 제공
- 보안
- AI Observability
- 로그 관리
- 관리
Supported OS
Jamf Protect is a comprehensive security solution designed specifically for Apple endpoints, including macOS, iOS and iPadOS endpoints and other supported platforms. Jamf Protect enhances Apple’s built-in security features and provides real-time detection of malicious applications, scripts, and user activities.
Jamf Protect not only detects known malware, adware, but also prevents unknown threats and blocks command and control traffic and risky domains. Furthermore, it provides granular insights into endpoint activity, ensuring endpoint health and compliance, and supports incident response with automated workflows. This integration will collect logs from Jamf Protect events which can be analyzed using Datadog. This integration monitors Jamf Protect logs for both macOS Security and Jamf Security Cloud.
Navigate to the Integrations page and search for the “Jamf Protect” tile.
Using the Datadog API Logs documentation, determine what your intake URL is by selecting your Datadog Site on the top right corner.
Click Actions.
Click Create Actions.
Name: Datadog.
Click Remote Alert Collection Endpoints.
a. URL: https://${DATADOG_INTAKE_URL}/api/v2/logs?ddsource=jamfprotect&service=alerts
b. Set Min Severity & Max Severity:
c. Click + Add HTTP Header.
i. Name: DD-API-KEY
ii. Value: <API_Key>
d. Click + Add HTTP Header.
i. Name: DD-APPLICATION-KEY
ii. Value: <APPLICATION_KEY>
Click + Unified Logs Collection Endpoints.
a. URL: https://${DATADOG_INTAKE_URL}/api/v2/logs?ddsource=jamfprotect&service=unifiedlogs
b. Click + Add HTTP Header.
i. Name: DD-API-KEY
ii. Value: <API_Key>
c. Click + Add HTTP Header.
i. Name: DD-APPLICATION-KEY
ii. Value: <APPLICATION_KEY>
Click + Telemetry Collection Endpoints.
a. URL: https://${DATADOG_INTAKE_URL}/api/v2/logs?ddsource=jamfprotect&service=telemetry
b. Click + Add HTTP Header.
i. Name: DD-API-KEY
ii. Value: <API_Key>
c. Click + Add HTTP Header.
i. Name: DD-APPLICATION-KEY
ii. Value: <APPLICATION_KEY>
Click Save.
Click Integrations in the Threat Events Stream.
Click Data Streams.
Click New Configuration.
Select Threat Events. a. Select Generic HTTP.
Click Continue.
a. Configuration Name: Datadog (Threat)
b. Protocol: HTTPS
c. Server Hostname/IP: ${DATADOG_INTAKE_URL}
d. Port: 443
e. Endpoint: api/v2/logs?ddsource=jamfprotect&service=threatevents
f. Additional Headers:
i. Header Name: DD-API-KEY
Click Create option “DD-API-KEY”.
i. **Header Value:** <API_Key>
ii. **Header Name**: DD-APPLICATION-KEY
Click Create option “DD-APPLICATION-KEY”.
iii. **Header Value:** <APPLICATION_KEY>
Click Test Configuration.
If successful, click Create Configuration.
Click Integrations.
Click Data Streams.
Click New Configuration.
Select Threat Events.
a. Select Generic HTTP.
Click Continue. a. Configuration Name: Datadog (Threat)
b. Protocol: HTTPS
c. Server Hostname/IP: ${DATADOG_INTAKE_URL}
d. Port: 443
e. Endpoint: api/v2/logs?ddsource=jamfprotect&service=networktraffic
Additional Headers:
i. Header Name: DD-API-KEY
ii. Header Value: <API_Key>
i. Header Name: DD-APPLICATION-KEY
iv. Click Create option “DD-APPLICATION-KEY”.
i. Header Value: <APPLICATION_KEY>
Click Test Configuration.
If successful, click Create Configuration.
Navigate to the Logs Explorer and search for source:jamfprotect
to validate you are receiving logs.
The Jamf Protect integration allows you to send Jamf Audit Logs to Datadog.
Jamf Protect does not include any metrics.
Jamf Protect does not include any service checks.
Jamf Protect does not include any events.
Need help? Contact Datadog support.