- 필수 기능
- 시작하기
- Glossary
- 표준 속성
- Guides
- Agent
- 통합
- 개방형텔레메트리
- 개발자
- Administrator's Guide
- API
- Datadog Mobile App
- CoScreen
- Cloudcraft
- 앱 내
- 서비스 관리
- 인프라스트럭처
- 애플리케이션 성능
- APM
- Continuous Profiler
- 스팬 시각화
- 데이터 스트림 모니터링
- 데이터 작업 모니터링
- 디지털 경험
- 소프트웨어 제공
- 보안
- AI Observability
- 로그 관리
- 관리
Collect logs and alerts from Microsoft Defender for Cloud.
Defender for Cloud is a cloud-native application protection platform (CNAPP) that monitors Microsoft Azure applications, gives insight into Azure security risks through cloud security posture management (CSPM), and protects Azure cloud workloads for servers, containers, storage, and databases (CWPP).
Enable Datadog Cloud SIEM to use out-of-the-box security rules to monitor your Azure environment along side your other security infrastructure.
This integration requires that the Datadog Azure integration is enabled. It forwards logs to Datadog through Azure using event hubs. The integration requires that the log forwarder be at least version 1.0.1
or later.
Configure Defender for Cloud to continuously export logs to the event hub. No additional configuration is needed within Datadog.
Follow these instructions from Microsoft to generate sample alerts in Defender for Cloud.
Defender for Cloud logs can be accessed using source:microsoft-defender-for-cloud
in Log Management.
If using Datadog Cloud SIEM, confirm that the Microsoft Defender for Cloud detection rules are enabled:
Microsoft Defender for Cloud does not include any metrics.
Microsoft Defender for Cloud does not include any service checks.
Microsoft Defender for Cloud does not include any events.
To confirm that Cloud SIEM is receiving Defender for Cloud Alerts, follow these steps:
source:microsoft-defender-for-cloud
. You may need to change the time window for logs to appear.If you are still having trouble, contact Datadog support.