|
1 | | -# Agent Check: cato-networks |
2 | | - |
3 | 1 | ## Overview |
4 | 2 |
|
5 | | -This check monitors [cato-networks][1]. |
| 3 | +[Cato Networks][1] provides a single-vendor Secure Access Service Edge (SASE) platform that converges SD-WAN, global private networking, and a full network security stack into a cloud-based service. |
| 4 | + |
| 5 | +This integration ingests the following logs: |
| 6 | + |
| 7 | +- **Audit Logs**: These logs provide detailed information on admin actions performed within the system. |
| 8 | +- **Events**: These logs provide detailed insights into security, detection and response, connectivity, and system events within the Cato Networks platform. |
| 9 | + |
| 10 | +Integrate Cato Networks with Datadog to gain insights into audit logs and events using pre-built dashboard visualizations. Datadog uses its built-in log pipelines to parse and enrich these logs, facilitating easy search and detailed insights. Additionally, the integration can be used for Cloud SIEM detection rules for enhanced monitoring and security. |
6 | 11 |
|
7 | 12 | ## Setup |
8 | 13 |
|
9 | | -### Installation |
| 14 | +### Audit Log Collection |
| 15 | + |
| 16 | +#### Obtaining Client Credentials |
| 17 | +1. Log in to Cato Networks platform and navigate to **Resources** > **Service API Keys**. |
| 18 | +2. In the **Service API Keys** tab, click **New** and provide the following details: |
| 19 | + - Select the **Service Principal**. |
| 20 | + - Enter the **Key Name**. |
| 21 | + - Set the **API Permission** as **Downgrade to View**. |
| 22 | + - Set **Any IP** under the **Allow access from IPs** section. |
| 23 | +3. Click **Apply** button and copy the **Token**. |
| 24 | +4. Navigate to **Account** > **Account Info** and copy the **Account ID**. |
| 25 | +5. Identify your Cato Networks Region by checking the prefix of your URL: |
| 26 | + - `cc.us1.catonetworks.com` - us1 |
| 27 | + - `cc.catonetworks.com` - Keep region as empty |
| 28 | + |
| 29 | +#### Connect your Cato Networks Account to Datadog |
| 30 | + |
| 31 | +1. Add your `Cato Account ID`, `API Token` and `Region`. |
| 32 | + | Parameters | Description | |
| 33 | + | ---------- | ---------------------------------------------- | |
| 34 | + | Cato Account ID | The account ID from your Cato Networks platform URL | |
| 35 | + | API Token | The API Token of your Cato Networks platform | |
| 36 | + | Region | The prefix from your Cato Networks platform URL | |
| 37 | +2. Click **Save**. |
| 38 | + |
| 39 | + |
| 40 | +### Event Log collection |
| 41 | + |
| 42 | +#### Configure AWS S3 Bucket |
| 43 | +When configuring the AWS bucket, use **cato-networks** as the **S3 prefix**. |
| 44 | +For more information, see [Configuring the AWS S3 Bucket][2]. |
10 | 45 |
|
11 | | -The cato-networks check is included in the [Datadog Agent][2] package. |
12 | | -No additional installation is needed on your server. |
| 46 | +#### Set up event integration in CATO networks |
| 47 | +For more information on configuring the event integration in a CATO network, see [Adding Amazon S3 Integration for Events][3]. |
13 | 48 |
|
14 | | -### Configuration |
| 49 | +#### Configure Datadog Forwarder |
| 50 | +See information on configuring the [Datadog Forwarder][4]. When configuring the Lambda Forwarder, set the environment variable **DD_SOURCE** to **cato-networks**. |
15 | 51 |
|
16 | | -!!! Add list of steps to set up this integration !!! |
17 | 52 |
|
18 | | -### Validation |
| 53 | +## Data collected |
19 | 54 |
|
20 | | -!!! Add steps to validate integration is functioning as expected !!! |
| 55 | +### Logs |
21 | 56 |
|
22 | | -## Data Collected |
| 57 | +The Cato Networks integration collects and forwards audit logs and events to Datadog. |
23 | 58 |
|
24 | 59 | ### Metrics |
25 | 60 |
|
26 | | -cato-networks does not include any metrics. |
| 61 | +The Cato Networks integration does not include any metrics. |
27 | 62 |
|
28 | 63 | ### Events |
29 | 64 |
|
30 | | -cato-networks does not include any events. |
| 65 | +The Cato Networks integration does not include any events. |
31 | 66 |
|
32 | 67 | ## Troubleshooting |
33 | 68 |
|
34 | | -Need help? Contact [Datadog support][3]. |
| 69 | +Need help? Contact [Datadog support][5]. |
35 | 70 |
|
36 | | -[1]: **LINK_TO_INTEGRATION_SITE** |
37 | | -[2]: https://app.datadoghq.com/account/settings/agent/latest |
38 | | -[3]: https://docs.datadoghq.com/help/ |
| 71 | +[1]: https://www.catonetworks.com/ |
| 72 | +[2]: https://support.catonetworks.com/hc/en-us/articles/9726441847965-Integrating-Cato-Events-with-AWS-S3#h_01K06PD8YPXBZJH5P0BP625BB1 |
| 73 | +[3]: https://support.catonetworks.com/hc/en-us/articles/9726441847965-Integrating-Cato-Events-with-AWS-S3#h_01K06PD8YP6JCM5618J4YYDFAS |
| 74 | +[4]: https://docs.datadoghq.com/logs/guide/forwarder/?tab=cloudformation |
| 75 | +[5]: https://docs.datadoghq.com/help/ |
0 commit comments