Setting up Datadog Log Delivery

RTLD may automatically deliver compressed log data to Datadog by submitting HTTPS POST requests to it. Datadog will collect these requests as they are pushed from the CDN. Each request contains a compressed JSON document that describes one or more log entries.

Learn more: RTLD CDN | RTLD Rate Limiting | RTLD WAF

The format for log data delivered to Datadog is JSON Array. This log format does not provide information that uniquely identifies a set of log data. As a result, there is no way to check for gaps in sequence numbers when attempting to identify missing log data.

To create a log delivery profile

  1. From within the Datadog portal, copy your API key.

  2. Navigate to the Real-Time Log Delivery CDN | Rate Limiting | WAF page. From the main menu, navigate to More and then find Real-Time Log Delivery under Analytics. Select either CDN, WAF, or RL.

  3. Click Add Profile.
  4. From the Log Delivery Method option, select Datadog.
  5. From the Datadog Site option, select the Datadog location to which log data will be delivered.
  6. From the Datadog API Key option, paste your Datadog API key. This API key authorizes our service to upload log data to Datadog.

  7. From the Datadog Service Attribute Value option, type a value that uniquely identifies the data delivered as a result of this profile.
  8. From the Downsample the Logs option, determine whether all or downsampledReduces the amount of log data that will be delivered. For example, you may choose to only deliver 1% of your log data. log data will be delivered.

    • All Log Data: Verify that the Downsample the Logs option is disabled.
    • Downsampled Log Data: Downsample logs to 0.1%, 1%, 25%, 50%, or 75% of total log data by enabling the Downsample the Logs option and then selecting the desired rate from the Downsampling Rate option.

      Use this capability to reduce the amount of data that needs to be processed or stored by Datadog.
      RTLD CDN Only: Downsampling log data also reduces usage charges for this service.

  9. Log delivery setup varies according to whether you are delivering log data for CDN traffic, threats identified by WAF, or rate limited requests.

  10. Set the Log Delivery Enabled option to the "on" position.

  11. Click Save.
More Information