SIEM/SOC Integration

All our modules include a powerful feature that injects informational headers for each request.

Most SIEM/SOC tools can be configured to ingest these headers.

Below are example configurations for the most widely used SIEM/SOC tools.

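  # Telegraf: logparser input with a grok pattern
  [[inputs.logparser]]
    files = ["/path/to/access_log"]
    from_beginning = false

    [inputs.logparser.grok]
      # combined log format followed by the four DataDome header values
      patterns = ['%{COMBINED_LOG_FORMAT} %{WORD:x-DataDome-isbot} %{WORD:x-DataDome-botname} %{WORD:x-DataDome-botfamily} %{WORD:x-DataDome-captchapassed}']
      measurement = "access_log"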
# Filebeat
# You need to add the DataDome headers in the Elasticsearch output configuration:

module: nameOfModule
    enabled: true
    var.paths: ["/path/to/log/access.log"]
# example accessLog:
# example add custom headers:

# Datadog Agent: custom log collection
logs:
    - type: file
      path: /var/log/apache2/access.log
      service: apache_gob_test
      source: apache
      sourcecategory: http_web_access
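Before shipping logs to any of these tools, it helps to confirm that your access log lines actually match the layout the grok pattern above expects. The following is an added example, not DataDome's code: the regular expression approximates grok's COMBINED_LOG_FORMAT, and the sample lines and their field values are constructed for illustration.

```python
import re
from collections import Counter

# Combined log format followed by the four fields from the grok pattern.
# \w+ mirrors grok's WORD, which cannot match the "-" that Apache writes
# for a header that is absent from the request.
LINE_RE = re.compile(
    r'(?P<client>\S+) \S+ (?P<user>\S+) \[(?P<time>[^\]]+)\] '
    r'"(?P<request>[^"]*)" (?P<status>\d{3}) (?P<bytes>\d+|-) '
    r'"(?P<referrer>[^"]*)" "(?P<agent>[^"]*)" '
    r'(?P<isbot>\w+) (?P<botname>\w+) (?P<botfamily>\w+) (?P<captchapassed>\w+)$'
)

# Constructed sample lines; the DataDome field values are illustrative only.
SAMPLE_LOG = """\
203.0.113.7 - - [10/Oct/2023:13:55:36 +0000] "GET / HTTP/1.1" 200 2326 "-" "Mozilla/5.0" 0 none none 0
198.51.100.23 - - [10/Oct/2023:13:55:37 +0000] "GET /robots.txt HTTP/1.1" 200 68 "-" "ExampleBot/1.0" 1 examplebot crawler 0
198.51.100.23 - - [10/Oct/2023:13:55:38 +0000] "GET /a HTTP/1.1" 200 512 "-" "ExampleBot/1.0" 1 examplebot crawler 0
192.0.2.50 - - [10/Oct/2023:13:55:39 +0000] "POST /login HTTP/1.1" 403 0 "-" "python-requests/2.31" 1 scraperx scraper 0
192.0.2.99 - - [10/Oct/2023:13:55:40 +0000] "GET /health HTTP/1.1" 200 2 "-" "curl/8.0" - - - -
"""

def parse_line(line):
    """Return the named fields of one access-log line, or None if it does not match."""
    match = LINE_RE.match(line.strip())
    return match.groupdict() if match else None

def summarize(log_text):
    """Count parsed requests per botfamily and collect line numbers that failed to parse."""
    families, unparsed = Counter(), []
    for number, line in enumerate(log_text.splitlines(), start=1):
        if not line.strip():
            continue
        record = parse_line(line)
        if record is None:
            unparsed.append(number)
        else:
            families[record["botfamily"]] += 1
    return families, unparsed

if __name__ == "__main__":
    families, unparsed = summarize(SAMPLE_LOG)
    print("requests per botfamily:", dict(families))
    print("lines the pattern would not match:", unparsed)
```

The last sample line shows the failure mode to watch for: a request logged without the headers carries "-" in those positions, so the pattern does not match that line.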

ELK use case

Once Filebeat is configured, you can use Kibana to check your data:


[Figure: Discover bot]

Creating your specific Kibana dashboard

[Figure: Bot dashboard]

TIG use case

Once Telegraf is configured, you can use Grafana to create your dashboard: