Pro Custodibus can push events to Datadog through Webhooks. Pro Custodibus sends events to the Datadog Log Collection endpoints via Datadog’s generic Send Logs HTTP intake API. You must set up a Datadog API Key to receive these events.
Pro Custodibus can push several types of events to Datadog:
First log into Datadog and use the Datadog app to add a Datadog API key for Pro Custodibus to use.
Then log into Pro Custodibus, and follow these steps for each type of event you want to send to Datadog:
Click the Admin link in the app header.
Click the Webhooks link in the Administration panel.
Click the “plus” icon on the right side of the Webhooks panel.
Configure the following fields, then click the Add button to submit the form:
Event type. See Webhook Types for details of each type.
“Active” or “Inactive”. Pause the webhook by setting it to “Inactive”; unpause it by setting it to “Active”.
URL of the Datadog HTTP intake API that corresponds to the Datadog site you use. For the
US1 site, use the following URL:
Consult Datadog’s Send Logs API documentation for the URL that corresponds to the Datadog site you use (use the “Site” selector in the top-right of Datadog’s API documentation to select the appropriate site).
List of HTTP headers Pro Custodibus will include when POSTing HTTP requests. If your Datadog API key is
abcdef12345678900000000000000000, use the following header to authenticate with the Datadog API:
HTTP header names are case insensitive. You can enter this header name as
Optional list of extra fields to add to the JSON body of each event when POSTed. Put one field on each line, like the following:
ddsource: procustodibus ddtags: env:prod,version:1.0
These are the extra fields you can use with the Datadog API:
ddsource: The technology from which the log entries originated. We recommend you set this field value to
ddtags: Tags to associate with the log entries.
service: The name of the application or service which generated the log entries. We recommend you set this field value to a unique value for each webhook type you add (eg
wg_alertsfor the “Alerts” webhook,
wg_endpoint_statsfor the “Endpoint Stats” webhook, and so on).
Maximum number of events to batch into a single POST HTTP request. We reccomend using the default value (
100) with Datadog.
See the Push WireGuard Logs to Datadog SIEM blog post for a full getting-started guide to Datadog integration.