From 9e2ca6a7795c13e5c2169710be1780899b38e482 Mon Sep 17 00:00:00 2001 From: Raphael Allier Date: Tue, 8 Jul 2025 11:16:12 +0200 Subject: [PATCH 1/3] [AWSX-1556] feat(logs): add support for Network firewall autosubscription --- ...s-services-logs-with-the-datadog-lambda-function.md | 10 +++++++++- 1 file changed, 9 insertions(+), 1 deletion(-) diff --git a/content/en/logs/guide/send-aws-services-logs-with-the-datadog-lambda-function.md b/content/en/logs/guide/send-aws-services-logs-with-the-datadog-lambda-function.md index a26e4a897b56c..fc68e114cbe5e 100644 --- a/content/en/logs/guide/send-aws-services-logs-with-the-datadog-lambda-function.md +++ b/content/en/logs/guide/send-aws-services-logs-with-the-datadog-lambda-function.md @@ -52,6 +52,7 @@ Any AWS service that generates logs into a S3 bucket or a CloudWatch Log Group i | [Step Functions][52] | [Enable Amazon Step Functions logs][53] | [Manual][54] log collection. | | [Web Application Firewall][49] | [Enable Amazon WAF logs][50] | [Manual][51] and [automatic](#automatically-set-up-triggers) log collection. | | [MWAA][55] | [Enable Amazon MWAA logs][56] | [Manual][56] and [automatic](#automatically-set-up-triggers) log collection. | +| [Network Firewall][57] | [Enable Amazon Network Firewall logs][58] | [Manual][58] and [automatic](#automatically-set-up-triggers) log collection. | ## Set up triggers @@ -76,6 +77,7 @@ Datadog can automatically configure triggers on the Datadog Forwarder Lambda fun | Cloudtrail Logs | S3, Cloudwatch | | Lambda Logs | CloudWatch | | Lambda@Edge Logs | Cloudwatch | +| Network Firewall Logs | S3, CloudWatch | | Redshift Logs | S3 | | S3 Access Logs | S3 | | SSM Command Logs | Cloudwatch | 
@@ -99,6 +101,8 @@ Datadog can automatically configure triggers on the Datadog Forwarder Lambda fun "lambda:InvokeFunction", "lambda:List*", "lambda:GetPolicy", + "network-firewall:DescribeLoggingConfiguration", + "network-firewall:ListFirewalls", "redshift:DescribeClusters", "redshift:DescribeLoggingStatus", "s3:GetBucketLogging", @@ -123,12 +127,14 @@ Datadog can automatically configure triggers on the Datadog Forwarder Lambda fun | `cloudfront:GetDistributionConfig` | Get the name of the S3 bucket containing CloudFront access logs. | | `cloudfront:ListDistributions` | List all CloudFront distributions. | | `cloudtrail:GetTrail` | Get Trail logging information. | - | `cloudtrail:ListTrails` | List all Cloudtrail trails. | + | `cloudtrail.ListTrails` | List all Cloudtrail trails. | | `elasticloadbalancing:`
`DescribeLoadBalancers` | List all load balancers. | | `elasticloadbalancing:`
`DescribeLoadBalancerAttributes` | Get the name of the S3 bucket containing ELB access logs. | | `lambda:InvokeFunction` | Invoke a Lambda function. | | `lambda:List*` | List all Lambda functions. | | `lambda:GetPolicy` | Get the Lambda policy when triggers are to be removed. | + | `network-firewall:DescribeLoggingConfiguration` | Get the logging configuration of a firewall | + | `network-firewall:ListFirewalls` | List all Network Firewall firewalls | | `redshift:DescribeClusters` | List all Redshift clusters. | | `redshift:DescribeLoggingStatus` | Get the name of the S3 bucket containing Redshift Logs. | | `s3:GetBucketLogging` | Get the name of the S3 bucket containing S3 access logs. | @@ -349,3 +355,5 @@ You can also exclude or send only those logs that match a specific pattern by us [54]: /integrations/amazon_step_functions/#send-logs-to-datadog [55]: /integrations/amazon_mwaa/ [56]: /integrations/amazon_mwaa/#log-collection +[57]: /integrations/amazon_network_firewall/ +[58]: /integrations/amazon_network_firewall/#log-collection From d734398b56cdf5102e84b6e51e11754989540553 Mon Sep 17 00:00:00 2001 From: Raphael Allier Date: Tue, 8 Jul 2025 12:52:38 +0200 Subject: [PATCH 2/3] [AWSX-1556] feat(logs): add support for Network firewall autosubscription --- .../send-aws-services-logs-with-the-datadog-lambda-function.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/content/en/logs/guide/send-aws-services-logs-with-the-datadog-lambda-function.md b/content/en/logs/guide/send-aws-services-logs-with-the-datadog-lambda-function.md index fc68e114cbe5e..02034cead8501 100644 --- a/content/en/logs/guide/send-aws-services-logs-with-the-datadog-lambda-function.md +++ b/content/en/logs/guide/send-aws-services-logs-with-the-datadog-lambda-function.md 
@@ -52,7 +52,7 @@ Any AWS service that generates logs into a S3 bucket or a CloudWatch Log Group i | [Step Functions][52] | [Enable Amazon Step Functions logs][53] | [Manual][54] log collection. | | [Web Application Firewall][49] | [Enable Amazon WAF logs][50] | [Manual][51] and [automatic](#automatically-set-up-triggers) log collection. | | [MWAA][55] | [Enable Amazon MWAA logs][56] | [Manual][56] and [automatic](#automatically-set-up-triggers) log collection. | -| [Network Firewall][57] | [Enable Amazon Network Firewall logs][58] | [Manual][58] and [automatic](#automatically-set-up-triggers) log collection. | +| [Network Firewall][57] | [Enable AWS Network Firewall logs][58] | [Manual][58] and [automatic](#automatically-set-up-triggers) log collection. | ## Set up triggers From 10970abc8ea74ac3e00423d524481977fbd62026 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Rapha=C3=ABl=20Allier?= <118757729+RaphaelAllier@users.noreply.github.com> Date: Tue, 8 Jul 2025 15:23:10 +0200 Subject: [PATCH 3/3] Update content/en/logs/guide/send-aws-services-logs-with-the-datadog-lambda-function.md Co-authored-by: Katie McKew <5915468+ktmq@users.noreply.github.com> --- .../send-aws-services-logs-with-the-datadog-lambda-function.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/content/en/logs/guide/send-aws-services-logs-with-the-datadog-lambda-function.md b/content/en/logs/guide/send-aws-services-logs-with-the-datadog-lambda-function.md index 02034cead8501..88f56a69e9f06 100644 --- a/content/en/logs/guide/send-aws-services-logs-with-the-datadog-lambda-function.md +++ b/content/en/logs/guide/send-aws-services-logs-with-the-datadog-lambda-function.md 
@@ -127,7 +127,7 @@ Datadog can automatically configure triggers on the Datadog Forwarder Lambda fun | `cloudfront:GetDistributionConfig` | Get the name of the S3 bucket containing CloudFront access logs. | | `cloudfront:ListDistributions` | List all CloudFront distributions. | | `cloudtrail:GetTrail` | Get Trail logging information. | - | `cloudtrail.ListTrails` | List all Cloudtrail trails. | + | `cloudtrail:ListTrails` | List all Cloudtrail trails. | | `elasticloadbalancing:`
`DescribeLoadBalancers` | List all load balancers. | | `elasticloadbalancing:`
`DescribeLoadBalancerAttributes` | Get the name of the S3 bucket containing ELB access logs. | | `lambda:InvokeFunction` | Invoke a Lambda function. |
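
Review bot: in PATCH 1/3, the permissions-table hunk (`@@ -123,12 +127,14 @@`) rewrites `cloudtrail:ListTrails` as `cloudtrail.ListTrails`, which is unrelated to Network Firewall and breaks the `service:Action` form used by every other row and by the JSON policy above it. PATCH 3/3 restores the colon, so squash that fix into this commit so that no revision in the history documents a malformed action name that someone might copy into a policy. In the same hunk, the two new `network-firewall:` descriptions ("Get the logging configuration of a firewall", "List all Network Firewall firewalls") are missing the trailing period that the neighbouring rows have.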
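
Review bot: in PATCH 1/3, the policy hunk (`@@ -99,6 +101,8 @@`) adds `network-firewall:DescribeLoggingConfiguration` and `network-firewall:ListFirewalls` to the JSON action list without any note for readers who created the integration role from the earlier version of this page. Their role would not carry the two new actions, so the "automatic" collection advertised in the new Network Firewall rows would not apply to them until the policy is updated. Suggest a one-line callout next to the policy saying that existing roles need these two actions added. The additions themselves are List/Describe calls, which keeps the extra scope to reading firewall and logging metadata.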
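
Review bot: PATCH 2/3 reuses the subject line of PATCH 1/3 word for word, although its only hunk (`@@ -52,7 +52,7 @@`) renames the link text from "Enable Amazon Network Firewall logs" to "Enable AWS Network Firewall logs". Either squash it into 1/3 or give it a subject that says it is a product-name correction, since the neighbouring rows in the context all use "Amazon ..." and a later editor could otherwise take the "AWS" prefix for an inconsistency and change it back.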