How-To: Export your EZCMS Logs to Datadog

Learn how to monitor critical user actions by pushing the information to your Datadog SIEM.

Prerequisites

How To Export Your EZCMS Audit Logs To Datadog

How To Enable Log Export in EZCMS Portal

  1. Go to your EZCMS portal.

  2. Click on Settings.

    EZCMS Settings

  3. Scroll down to SIEM Connection Settings and enable the Send Alerts to SIEM option.

    EZCMS Send Audit Logs to SIEM checkbox

How To Configure the Datadog Exporter in the Datadog Portal

  1. In another tab, go to the Datadog Logs API docs: Datadog Docs.

  2. Look on the top right and check that you have the correct Datadog site selected.

    Getting HTTP endpoint from Datadog Docs

  3. Select the correct site, then copy the corresponding URL.

    Finding HTTP endpoint from Datadog Docs

  4. Now go to your Datadog Instance. Here you will find your personal settings.

    Datadog account menu and user settings

  5. Hover over your username and click the API Keys option.

    Datadog API keys tab in user settings

  6. Then click the + New Key button

    Datadog API keys page with + New Key button

  7. Give your key a name and click on the Create Key button

    Datadog dialog to name and create a new API key

  8. Copy your key and hit the Finish button.

    Datadog screen showing newly created API key ready to copy

How To Configure the Datadog SIEM in EZCMS Portal

  1. Now go back to the EZCMS Portal.

  2. Select Datadog as the SIEM Provider.

    Set Datadog as the SIEM in EZCMS

  3. Input the values that you copied from the Datadog portal. Then, click Test Connection. This will create a test log in your Datadog SIEM (please allow a few minutes for the log to show up in the Datadog portal).

    Datadog Paste Values and Test Connection

  4. If the connection test is successful, click Save Changes.

    EZCMS SIEM Settings Save Changes

  5. EZCMS will now send your security alerts to your SIEM. If an error occurs it will email your subscription administrators.