Add AppOmni integration (ECOINT-58) #2587
+1,042
−0
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,7 @@ | ||
| # CHANGELOG - appomni | ||
|
|
||
| ## 1.0.0 / 2025-01-23 | ||
|
|
||
| _**Added**_: | ||
|
|
||
| * Initial Release |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change | ||||
|---|---|---|---|---|---|---|
| @@ -0,0 +1,51 @@ | ||||||
| # AppOmni | ||||||
|
|
||||||
| ## Overview | ||||||
|
|
||||||
| AppOmni Threat Detection Datadog Integration provides a single source to ingests and normalizes all your SaaS logs, and visualize events and alerts. | ||||||
|
|
||||||
| ## Setup | ||||||
|
|
||||||
| **Log in to Datadog** | ||||||
|
There was a problem hiding this comment.
Suggested change
|
||||||
| First Obtain a Datadog [API Key][1]. See the steps below: | ||||||
|
There was a problem hiding this comment.
Suggested change
|
||||||
|
|
||||||
| Within Datadog navigate to **Organization settings** then click **API Keys**. | ||||||
|
There was a problem hiding this comment.
Suggested change
|
||||||
| 1. Click New Key | ||||||
|
There was a problem hiding this comment.
Suggested change
|
||||||
| 2. Provide a name for the API key | ||||||
|
There was a problem hiding this comment.
Suggested change
|
||||||
| 3. Click copy API key, and save this key for later. | ||||||
|
There was a problem hiding this comment.
Suggested change
|
||||||
|
|
||||||
| **Create a Datadog AppOmni Destination** | ||||||
|
There was a problem hiding this comment.
Suggested change
|
||||||
| **Log in to AppOmni** | ||||||
|
There was a problem hiding this comment.
Suggested change
I recommend just making this the first step in the list below. |
||||||
| 1. Navigate to **Threat Detection** and select **Destinations**. | ||||||
| 2. Click **Add New Destination**. | ||||||
| 3. Click the **Datadog Logs** card. | ||||||
| 4. Enter a **Name** and **Description** (optional). | ||||||
| 5. Ensure the following settings are checked: | ||||||
|
|
||||||
| - **SSL Verification** | ||||||
| - Select **Hash Original Field** to replace the original event field from the monitored service with a SHA256 hash of that event, thereby reducing event size. | ||||||
|
There was a problem hiding this comment.
Suggested change
|
||||||
| - Check **Gzip Compress Payloads** to reduce data size. | ||||||
|
|
||||||
| 6. Enter your **Datadog API Key**. | ||||||
| 7. Select your **Datadog site**. Identify which site you are on using [this table][2]. | ||||||
|
There was a problem hiding this comment.
Suggested change
|
||||||
| 8. Click **Save**. | ||||||
|
|
||||||
| ## Uninstallation | ||||||
|
|
||||||
| **Log in to Datadog** | ||||||
|
There was a problem hiding this comment. This line can be deleted. |
||||||
| Within Datadog navigate to **Organization settings** then click **API Keys**. | ||||||
|
There was a problem hiding this comment.
Suggested change
It seems as though this should be a numbered step? |
||||||
| 1. Click Revoke Key for the API key you want to remove. | ||||||
|
There was a problem hiding this comment.
Suggested change
|
||||||
|
|
||||||
| **Log in to AppOmni** | ||||||
|
There was a problem hiding this comment.
Suggested change
This line can be deleted, and the first step can just start with "In AppOmni,". I recommend labeling the set of steps with a subheader that describes the high-level action being taken. |
||||||
| 1. Navigate to **Threat Detection** and select **Destinations**. | ||||||
| 2. Locate the **Datadog** destination and click on it. | ||||||
| 3. Click the **Configuration** | ||||||
|
There was a problem hiding this comment.
Suggested change
|
||||||
| 4. Click **Delete** | ||||||
|
There was a problem hiding this comment.
Suggested change
|
||||||
|
|
||||||
| ## Support | ||||||
|
|
||||||
| Support can be reached by e-mail: [email protected] | ||||||
|
There was a problem hiding this comment.
Suggested change
|
||||||
|
|
||||||
|
|
||||||
| [1]: https://docs.datadoghq.com/account_management/api-app-keys/ | ||||||
| [2]: https://docs.datadoghq.com/getting_started/site/ | ||||||
Oops, something went wrong.
Oops, something went wrong.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Add more context about the events and alerts