Overview

Sectigo Connector for Datadog ("the connector") is a solution for integrating Sectigo Certificate Manager (SCM) audit logs with Datadog. This integration lets you pull SCM audit logs into Datadog to monitor, analyze, and visualize the SCM activities of your organization in near real-time.

This guide is intended for Datadog administrators and system administrators who have knowledge of IT security, cloud security, and are also familiar with SCM.

This guide covers instructions for deploying and configuring the Sectigo-developed connector to deliver SCM audit logs to your Datadog.

Architecture diagram

Process Workflow

The process goes through the following stages:

  1. The connector is deployed to your infrastructure.

  2. The connector tries to load the state of the last run from storage.

    • If the last state is not found, the connector initializes it.

    • If the last state is found, the connector loads it.

  3. The connector pulls recent audit logs that haven’t been synchronized since the last run.

  4. The connector updates the last state in storage.

  5. The connector pauses (configurable).

  6. The process repeats starting from step 3.

State is a small json (under 1kb) and doesn’t grow in size over time.

We recommned that you use persistent storage to get continuous synchronization without duplicates or loses.

The connector currently supports the following storage backends:

  • In Memory (doesn’t persist between restarts)

  • Local filesystem

  • Redis

  • AWS S3

  • Google Cloud Storage

Additional resources

Sectigo Certificate Manager administrator’s guide