Guide
TrainingSupportCommunity

Real-time Connector Metrics using Datadog SIEM

Suggest Edits

You can use Datadog SIEM provider to monitor, analyze, investigate any health issue, security incidents, and perform data visualization for your EAA Connectors. You can send CPU, Memory, and Network metrics of the EAA Connectors to Datadog for creating Dashboards for visualization.

📘

Note:

This is a limited-availability (LA) feature and can be enabled in your contract by contacting Akamai Support.

It involves these steps:

  1. Provide the agent-id of the connector which you will use for Datadog queries to Akamai support.
  2. Configure the EAA Management Portal to send the metrics to the Datadog SIEM provider.
  3. View the metrics, create graphs, dashboards in Datadog.

Send metrics to a SIEM provider

Prerequisite: You must have a connector version greater than 24.03.00.150

You can send different connector metrics like CPU, memory, and network to your DataDog SIEM provider.

Follow this procedure to send these metrics:

  1. Log in to the Enterprise Center.
  2. In the Enterprise Center navigation menu, select Application Access > General Settings > Settings > Company Settings.
  3. Go to the System monitoring SIEMs section.
  4. Enable Send metrics, to send the connector metrics like CPU, memory and network to your SIEM provider to monitor, investigate issues, and perform data visualization. If you disable Send metrics for more than 24 hours, the data is lost for the disabled period.

The connector metrics sent to Datadog SIEM are:

Connector Metrics to Datadog SIEM

  1. Active SIEM. Select the name of the SIEM provider. Only Datadog is supported for this release. You can also click on the edit SIEM (pencil icon) to edit the SIEM parameters. You can click remove SIEM, to delete the SIEM provider and start another configuration.
  2. Server. Provide the server hostname of the SIEM provider.

Copy hostname server

  1. Encryption Token. Provide the token to securely send the connector metrics data to the SIEM provider. You can obtain the encryption token from the API Keys from DataDog. See Add an API key or Client Token in Datadog documentation. You can click on the show encryption token (eye icon) to check if you entered it correctly, in case you have trouble connecting to the SIEM server.

Copy Datadog API keys

  1. Click Test and Save, to test the connectivity. If EAA can communicate to Datadog SIEM correctly, changes are saved.

You should be able to receive the EAA Connector metrics in your SIEM provider dashboard to perform diagnosis, data visualization, and troubleshoot any security incidents.


View metrics in Datadog Explorer

In Datadog Metrics Explorer, follow these steps for data visualization:

  1. Use the Add Query, to add the name of the Metrics you want to visualize in a graph.
  2. For the from option, add the agent-id: of the EAA connector. You can obtain this information from Akamai support.
  3. Select the time period.

A graph is generated for the chosen metrics.

Here’s an example of the EAA Connector’s CPU usage metrics in Datadog Metrics Explorer:

Datadog visualization example

For more details on data visualization, see Datadog documentation.

Limitations

You must have a newly created EAA connector with connector version greater than 24.03.00.150 installed with the 24.03 release, and running on VMWare and Docker platform. Other platforms are not supported in this release. The feature will not work with older versions of connectors.

Updated about 1 month ago