DataDog Integration Guide

Integration of Resolution Intelligence^® with DataDog provides a flawless monitoring service for IT, Operations and Development teams. This integration lets process and correlate the humongous data produced from different apps into actionable insights and resolves the production issues faster and quicker.

DataDog integration with Resolution Intelligence allows you to send signals from DataDog into the ActOns^TM timeline in Resolution Intelligence where it processes and turns the signals into situations and notify the respective personnel to take immediate actions against the ActOns. This integration can be enabled using a webhook configuration in DataDog environment. 

Prerequisites

You must have an active account and admin privileges to configure the integration in both DataDog and Resolution Intelligence.

Enabling DataDog Integration 

In Resolution Intelligence

1. From the Resolution Intelligence platform interface, navigate to Configurations --> Integrations-> DataDog-><-Netenrich tile and click Enable integration toggle switch.

2. Under the Inbound section, select the Authentication type as JSON Web Token (JWT). A web URL and consumer token will be generated.

In DataDog Environment

1. Login to your DataDog account.
Note: You will need to signup by providing your basic details if you are a new user.

2. From the main Web interface, on the left-hand menu bar, navigate to Integrations and search Webhooks in the search field.

3. Click on the Webhooks tile. A webhook integration window opens on the screen. 

4. In the Configuration tab, click+ New.

5. Give a name for the webhook and paste the webhook URL copied from the NeDataDog in the given blanks.

6. Use the below sample payload to consume the signal from DataDog and then click Save.

{ "id": "$ID", "eventTitle": "$EVENT_TITLE", "eventType": "$EVENT_TYPE", "evenAlertID": "$ALERT_ID", "eventAlertType": "$ALERT_TYPE", "eventHostName": "$HOSTNAME", "eventAlertMetric": "$ALERT_METRIC", "eventAlertTittle": "$ALERT_TITLE", "date": "$DATE", "org":

         { "id": "$ORG_ID", "name": "$ORG_NAME" }, "eventDetails": { "email": "$EMAIL", "eventMsg": "$EVENT_MSG", "eventTxtMsg": "$TEXT_ONLY_MSG", "evenDatePost": "$DATE_POSIX", "eventAggregKey": "$AGGREG_KEY", "eventAlertStatys": "$ALERT_STATUS", "eventUserName": "$USERNAME", "eventSnaoShot": "$SNAPSHOT", "eventLink": "$LINK", "eventTags": "$TAGS", "eventLastUpdatedPosix": "$LAST_UPDATED_POSIX", "eventAlertQuery": "$ALERT_QUERY", "eventAlertScope": "$ALERT_SCOPE", "eventAlertCycleKey": "$ALERT_CYCLE_KEY", "last_updated": "$LAST_UPDATED" } }

Configuring Monitors for signals

Metric monitors are helpful in analyzing continuous streams of data. Signals will be sent to DataDog based upon if they cross a threshold limit over a given period of time.  

If you want to enable monitors to resolve the signals generated in DataDog, follow the procedure below.

1. From the DataDog's web interface, on the left-hand menu bar, navigate to Monitors --> New Monitor.
2. In the Monitors screen, you can find different monitor types available under Select Monitor Type. For example, select Metric.

       3. In the Metric Monitor screen, you can see the various sections which are described below.

• • a. Choose the Detection method: Select the detection type you wish to send a signal. For example, select Threshold.
    

• •  Define the Metric: Select the type of metric based on which you will need to generate the signal and the server details.

• • Set Alert Conditions: Signal conditions vary slightly based on the detection method you choose. Set the threshold parameters to trigger an signal as shown in the below illustration.

Option	Description
Alert threshold	The value used to trigger an alert notification.
Warning threshold	The value used to trigger a warning notification.
Alert recovery threshold	An optional threshold to indicate an additional condition for alert recovery.
Warning recovery threshold	An optional threshold to indicate an additional condition for warning recovery.

• • Notify your team: Add Email Ids of respective personnel to whom you want to send notifications.
    

• • Say What's Happening: Add a title for the monitor and describe the steps to resolve a problem as a monitor message. Set the tags (optional) and priority. If you wish to test the notification, click Test notifications. A notification message will be sent to the mail id that is added in the Notify team section.

• • Once you tested the notification, then click Create. A monitor will be created for the alert that you want to notify.

APE Fields	Alert Transformation
subject	<alertStatus>
description	<textOnlyMsg>
currentState	data. alertType → error->Critical warning->Warning success->Ok
serviceName	data.metricNameSpace
alertType	"Monitoring"
source	"NeIngestor"
externalSource	"DataDog"
tenant_id	Meta data it is avaiable
status	"New"
priority	data.alertPriority --> if it is empty or null then put P1
alertTime	data.lastUpdated
createdTime	data.lastUpdated
updatedTime	data.lastUpdated
eventType	"Alert"
metric	data.alertMetric
createdBy	"DataDog"
dataCenterCode	Meta data it is avaiable
organization_id	Meta data it is avaiable
domain_id	Meta data it is avaiable
alertId	data.alertCycleKey
tenantName	Meta data it is avaiable
organizationName	Meta data it is avaiable
domainName	Meta data it is avaiable
version	1
deviceName	data.hostName
assetsMeta	asset_name--> data.hostName asset_type--> data.metricNameSpace source_asset_id--> "" source_name --> "DataDog"
externalClientId	Meta data it is avaiable
alertSourceUrl	data.link
alertTags	What are the remaining fields are there we will put