Configure HCP Vault Dedicated audit log streaming to DataDog

Availability

HCP Vault Dedicated audit logs streaming is available for all production grade clusters. The feature is not available for Development tier clusters.

Prerequisites

To configure audit logs streaming to DataDog, you will need to have:

A HCP account with Admin or Contributor role assigned in HCP
A production grade HCP Vault Dedicated cluster
Your Datadog region and API key
Note
If you do not have a cluster running, refer to the Create a Vault Cluster on HCP or the Deploy HCP Vault Dedicated with Terraform tutorial to create an HCP Vault Dedicated cluster.

Enable audit logs streaming

From the HCP Vault Dedicated cluster Overview page, select the Audit Logs view.
Click Enable log Streaming.
From the Enable audit logs streaming view, select Datadog as the provider and click Next.
Under Datadog configuration, enter your API Key and select the Datadog site region that matches your existing Datadog environment.
Click Save.
Note
At this time, HCP Vault Dedicated only supports audit logs streaming to one log endpoint at a time.

Refer to the Datadog documentation for details on log exploration.

Example Terraform configuration (optional)

Refer to the Terraform Registry hcp_vault_cluster documentation for more information.

resource "hcp_vault_cluster" "example" {
  cluster_id = "vault-cluster"
  hvn_id     = hcp_hvn.example.hvn_id
  tier       = "standard_large"
  audit_log_config {
    datadog_api_key = "actual-api-key"
    datadog_region = "region"
  }
}

Edit the audit log streaming configuration (optional)

To edit a audit log streaming integration, perform the following steps.

From the Audit Logs page, click on the Manage drop-down, then Edit configuration.
Edit the configuration, then click Save.

Disable audit log streaming (optional)

To disable a audit log streaming integration, from the Audit Logs page, click on the Manage drop-down, then Disable streaming.