SIEM/SOC Integration

DataDome provides insight into your traffic by enriching your logs for each request we analyse in real time.

You can set up an "exporter" to send your logs to any SIEM or log tool.

Configuration examples:

[[inputs.logparser]]
  files = ["/path/to/access_log"]
  from_beginning = false

  [inputs.logparser.grok]
    patterns = ['%{COMBINED_LOG_FORMAT} %{WORD:x-DataDome-isbot} %{WORD:x-DataDome-botname} %{WORD:x-DataDome-botfamily} %{WORD:x-DataDome-captchapassed}']
    measurement = "access_log"
# you need to add DataDome headers in the Elasticsearch output configuration:

module: nameOfModule
    enabled: true
    var.paths: ["/path/to/log/access.log"]
# example accessLog:
# example add custom headers:

    - type: file
      path: /var/log/apache2/access.log
      service: apache_gob_test
      source: apache
      sourcecategory: http_web_access
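
An added example (not DataDome's code) of what the Telegraf grok pattern above extracts: a Python regex approximating %{COMBINED_LOG_FORMAT} followed by the four DataDome fields, run over constructed log lines. The field values, including "1" meaning bot, are assumptions; the last sample line shows that a header logged as "-" does not match %{WORD}, so such lines need separate handling.

```python
import re
from collections import Counter

# Approximation of the page's grok pattern: combined log format, then four
# whitespace-separated WORD (\w+) fields in the order the pattern lists them.
LINE_RE = re.compile(
    r'(?P<client>\S+) (?P<ident>\S+) (?P<user>\S+) \[(?P<time>[^\]]+)\] '
    r'"(?P<request>[^"]*)" (?P<status>\d{3}) (?P<size>\d+|-) '
    r'"(?P<referrer>[^"]*)" "(?P<agent>[^"]*)" '
    r'(?P<isbot>\w+) (?P<botname>\w+) (?P<botfamily>\w+) (?P<captchapassed>\w+)$'
)

# Constructed sample lines; the DataDome field values are placeholders.
SAMPLE = [
    '192.0.2.10 - - [10/Oct/2023:13:55:36 +0000] "GET /login HTTP/1.1" 200 512 "-" "curl/8.0" 1 scraperx crawler 0',
    '198.51.100.7 - - [10/Oct/2023:13:55:37 +0000] "GET / HTTP/1.1" 200 1024 "-" "Mozilla/5.0" 0 none none 1',
    '192.0.2.10 - - [10/Oct/2023:13:55:38 +0000] "GET /cart HTTP/1.1" 403 0 "-" "curl/8.0" 1 scraperx crawler 0',
    # Headers absent: the web server writes "-", which \w+ (WORD) rejects.
    '203.0.113.5 - - [10/Oct/2023:13:55:39 +0000] "GET /health HTTP/1.1" 200 2 "-" "probe" - - - -',
]


def parse_line(line):
    """Return the named fields of one enriched access-log line, or None."""
    m = LINE_RE.match(line.strip())
    return m.groupdict() if m else None


def summarize(lines):
    """Count bot requests per (family, name); keep lines that did not parse."""
    bots, unparsed = Counter(), []
    for line in lines:
        rec = parse_line(line)
        if rec is None:
            unparsed.append(line)      # surface these instead of dropping them
        elif rec["isbot"] == "1":      # assumption: "1" marks bot traffic
            bots[(rec["botfamily"], rec["botname"])] += 1
    return bots, unparsed


if __name__ == "__main__":
    bots, unparsed = summarize(SAMPLE)
    for (family, name), count in bots.most_common():
        print(f"{family}/{name}: {count} requests")
    print(f"{len(unparsed)} line(s) without parsable enrichment")
```
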

Elasticsearch Kibana Platform

Once Filebeat is configured, you can use Kibana to analyse your logs, and the data enriched by DataDome, in real time:



Discover bot

Because DataDome insight is available through the enriched headers, you can create any dashboard your business needs.


Bot dashboard

Telegraf platform

Once Telegraf is configured, you can use Grafana to create your dashboard.