1、BEST PRACTICE SERIESDatadog Cloud SIEMBest practices for monitoring AWS CloudTrail logs 3Blazing trails 4Understanding AWS CloudTrail audit logs 5Key CloudTrail audit logs to monitor 12Collect and analyze CloudTrail logs with Datadog 15Start monitoring your AWS CloudTrail audit logs 18Best practices

2、 for monitoring GCP audit logs 19A primer on the Google Cloud hierarchy 20Understanding Google Cloud Audit Logs 20Key GCP audit logs to monitor 27Shipping your audit logs 30Collect and analyze audit logs with Datadog 31Start monitoring your Cloud Audit Logs 36Best practices for monitoring Microsoft

3、Azure platform logs 37Understanding Azure platform logs 39Key Azure platform logs to monitor 44Shipping your Azure platform logs 48Collect and analyze Azure platform logs with Datadog 48Start monitoring your Azure platform logs with Datadog 51Best practices for monitoring Kubernetes security via aud

4、it logs 52A primer on generating audit logs 53Interpreting your Kubernetes API server audit logs 53Key Kubernetes audit logs to monitor 55Monitor Kubernetes security with Datadog 59Start monitoring your Kubernetes audit logs 60Best practices for monitoring authentication logs 61Best practices for wr

5、iting authentication logs 62Use authentication logs to detect common security threats 65Monitor your authentication logs with Datadog 66Get insight into all of your authentication events 68BEST PRACTICE SERIESDatadog Cloud SIEMEngineering teams that build,scale,and manage cloud-based applications on

6、 AWS know that at some point in time,their applications and infrastruc-ture will be under attack.But as applications expand and new features are added,securing the full scope of an AWS environment becomes an increasingly complex task.To add visibility and auditability,AWS CloudTrail tracks the who,w