Security Home

The Security Home page is an entry point to your Cloud SIEM environment. Readily access logs that are analyzed to detect threats, signals generated from default or custom log detection rules, and threats that require attention and remediation. See the status of logging sources and configure new sources in one location.

Analyzed logs

Get an overview of analyzed logs across all sources for a quick audit, or select Logs Analyzed to see a list of your analyzed logs in Logs Explorer for a more granular investigation. In Logs Explorer, filter by log facets or aggregate your logs to examine them in more detail.

Signals generated

Analyze the number of signals generated and the number of rules that are triggering signals, or select Signals Generated to filter by log detection rules in the Signals Explorer.

In the Signals Explorer, click on any rule with a generated signal to inspect the signal further. Select the Message tab to learn how to triage and respond to a generated signal, or click on any of the event attributes listed at the top of the panel or in the Event Attributes tab to filter signals by attributes.

Detect threats

With real-time threat detection, if a rule is matched, Datadog evaluates the severity and whether anyone should be notified. See how many threats have been detected across all entities in your environment from the Security Home page. Select Threats Detected to see malicious entities in the Signals Explorer. Select any entity to analyze its generated signal for remediation and more details.

Analyze sources

If a source is generating more signals or analyzing logs more frequently at any point in time, Datadog automatically flags this moment on a source’s graph in the Sources Analyzed table to help you pinpoint potential threats and trends.

Click on any bar in a graph or data within the table, and select View generated signals or View generated logs to see more details.

You can also configure new sources in this table. Click on the Configure Source button to set up log collection for a new source.
