# Datadog Integration Datadog is a cloud monitoring and security platform used to track infrastructure health, incidents, and user access. By integrating Datadog with Sprinto, you can: * Automate infrastructure monitoring checks * Sync and validate incident tickets * Monitor and review user access * Maintain continuous compliance evidence Sprinto supports three use cases under Datadog: * Infrastructure Monitoring * Incident Management * Access Review #### Sprinto checks for Datadog Below are the Sprinto checks for the following integration types: * Infrastructure monitoring: Sprinto checks for infrastructure monitoring

Sprinto check	Required action
Infrastucture is monitored using Datadog	How to fix: To pass the following check, ensure that your Datadog account is configured for Infrastructure monitoring on your Sprinto account.

* Incident management: Sprinto checks for incident management

Sprinto check	Required action
Reported incident should be closed in Datadog	The following check gets activated when you have an incident ticket in the open status on your integrated Datadog account. How to fix: To resolve this check, you need to resolve the incident and close the assigned ticket from your Datadog account, then action the incident ticket on Sprinto (Security Hub > Incident > Datadog). For detailed instructions, refer to resolving the incident ticket on Sprinto.

Sprinto check

Required action

Reported incident should be closed in Datadog

The following check gets activated when you have an incident ticket in the open status on your integrated Datadog account.

How to fix: To resolve this check, you need to resolve the incident and close the assigned ticket from your Datadog account, then action the incident ticket on Sprinto (Security Hub > Incident > Datadog). For detailed instructions, refer to resolving the incident ticket on Sprinto.

* Access management: Sprinto checks for users' access monitoring | Sprinto check | Reference procedure | | ---------------------------------------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ | | Datadog access should be removed for offboarded user | [How to fix](https://sprinto.freshdesk.com/support/solutions/articles/72000603858-revoking-critical-system-access-for-off-boarded-staff) | | User should be identified | [How to fix](https://sprinto.freshdesk.com/support/solutions/articles/72000606019) | | User access to critical system should be valid |

How to fix

Note: The user access to the critical system becomes valid if the respective Org role is added to the system.

| ## Prerequisites Before connecting Datadog to Sprinto, ensure that: * You have **Admin access** to your Datadog account. * You can create: * API Keys * Application Keys * You know your **Datadog region** (for example: US1-East, US3-West, EU1-Europe, AP1-Japan, etc.). Sprinto requires read-only access to monitors, incidents, and user access data. *** ## Permissions Required (Infrastructure Monitoring & Incident Management) When creating the Application Key in Datadog, ensure the following scopes are enabled: * `monitors_read` * `user_access_read` * `incident_read` Sprinto uses this access only to fetch data. No configuration changes are made in Datadog. *** ## How It Works The Datadog integration consists of two connection flows: 1. Infrastructure Monitoring & Incident Management 2. Access Review Both are configured separately from the Integrations page. *** ## Connect Datadog for Infrastructure Monitoring & Incident Management ### Step 1: Navigate to Integrations 1. Log in to the Sprinto dashboard. 2. Go to **Settings → Integrations**. 3. Under the **All** tab, search for **Datadog**. 4. Click **Connect** next to Datadog.

A drawer opens showing two options: * Datadog – Infrastructure Monitoring & Incident Management * Datadog – Access Review Click **Connect** next to **Infrastructure Monitoring & Incident Management**.

*** ### Step 2: Review Permissions and Data In the drawer: * Review the number of controls and checks automated. * Expand **Permission & Data** to review: * Permissions required * Data used by Sprinto Click **Next**.

*** ### Step 3: Review Prerequisites and Generate Keys You will see: * Connection type: API Key * Prerequisites * Instructions to generate: * API Key * Application Key #### Create an API Key 1. Log in to Datadog. 2. Go to **Organization Settings**. 3. Navigate to **API Keys**. 4. Click **New Key**.

5. Enter a name (for example, *Sprinto Access*). 6. Click **Create Key**.

7. Copy and securely store the API key. #### Create an Application Key 1. Go to **Application Keys**. 2. Click **New Key**.

3. Enter a name. 4. Click **Create Key**. 5. Click **Edit** next to Scopes and enable the following scopes: * `monitors_read` * `user_access_read` * `incident_read` 6. Click **Save** to save changes. 7. Copy and securely store the Application Key. 8. Click **Finish**.

After generating both keys, return to the Sprinto dashboard: * Select the checkbox confirming you have the credentials. * Click **Connect Datadog**.

*** ### Step 4: Enter Credentials in Sprinto In the final drawer: 1. Enter: * API Key * Application Key 2. Select your **Region** from the dropdown (for example: US1-East, EU1-Europe, AP1-Japan and so on). Know more about [how Datadog regions work](https://docs.datadoghq.com/getting_started/site/#access-the-datadog-site). 3. Click **Connect Datadog**.

Once validated, the integration becomes active. *** ## Post-Connection Configuration After connecting: #### Configure Infrastructure Monitoring 1. Go to **Data Library → Infrastructure → Infra Systems**. 2. Click **Add infra system**.

3. Select **Datadog** as the monitoring provider. 4. Save changes. Sprinto will validate that monitoring is active and properly configured. *** #### Configure Incident Management 1. Navigate to **Data Library → Incidents → Overview**. 2. Click **+ Add System**.

3. Select **Datadog**. 4. Choose the date from which incidents should sync. Sprinto will: * Track open incidents * Validate resolution timelines * Trigger checks if SLAs are breached *** ## Connect Datadog for Access Review The Access Review integration uses an API key–based connection powered by Truto. *** ### Step 1: Start the Access Review Connection 1. Log in to the Sprinto dashboard. 2. Go to **Settings → Integrations**. 3. Under the **All** tab, search for **Datadog**. 4. Click **Connect** next to Datadog.

5. In the drawer, click **Connect** next to **Datadog – Access Review**. *** ### Step 2: Review Permissions and Data A drawer opens displaying: * Number of controls and checks automated * Permissions required * Data used by Sprinto * Access type requirement (Admin access required) Review the information and click **Next**.

*** ### Step 3: Setup Datadog Integration You will now see the **Setup Datadog Integration** screen. The screen confirms: * The integration can be performed from **Settings** or **Access → Overview** * Admin access is required To proceed: 1. Select the checkbox:\ **I have admin access to my Datadog account** 2. Click **Connect to Datadog.**

*** ### Step 4: Connect Using API Key A new modal opens titled **Connect using API Key**. You must provide: * **Datadog Region** * **API Key** * **Application Key** #### Select Region Choose your Datadog region from the dropdown (for example: US1, EU1, US3, etc.). Know more about [how Datadog regions work](https://docs.datadoghq.com/getting_started/site/#access-the-datadog-site). You can identify your region from your Datadog URL.\ Example:\ `https://app.datadoghq.com` → US1

*** #### Generate API Key in Datadog 1. Log in to Datadog. 2. Go to **Organization Settings**. 3. Navigate to **API Keys**. 4. Click **New Key**.

5. Name the key (for example: Sprinto Access). 6. Click **Create Key**. 7. Copy and securely store the API Key.

*** #### Generate Application Key in Datadog 1. Navigate to **Application Keys**. 2. Click **New Key**. 3. Name the key. 4. Click **Create**. 5. Edit the key and enable the required scopes: * `user_access_read` 6. Save the configuration. 7. Copy the Application Key. *** ### Step 5: Complete the Connection 1. Enter: * Datadog Region * API Key * Application Key 2. Click **Connect.** Once validated: * The Access Review integration becomes active. * Datadog can now be added as a Critical System. *** ## Add Datadog as a Critical System After successful connection: 1. Go to **Data Library → Access → Critical systems.** 2. Click **Add critical systems.** 3. Search for **Datadog.** 4. Select **Datadog.** 5. Click **Add 1 System.**

Datadog will now appear under Critical Systems for access monitoring. *** ## Configure Access Monitoring 1. Open Datadog from the Critical Systems list. 2. Click **Configure**. 3. Define valid access criteria: * Role-based access * Approved access requests * Allowed user groups Sprinto monitors user access against the defined rules but does not automatically revoke access. *** ## What Sprinto Monitors

Use Case	Validation Performed
Infrastructure Monitoring	Ensures Datadog monitors are active
Incident Management	Ensures incidents are tracked and closed
Access Review	Ensures user access is valid and reviewed

*** ## Sync Behaviour * Initial sync may take up to 24 hours. * Integration status shows as **Active** once connected. * Checks begin running automatically based on configuration. *** ## Troubleshooting #### Invalid API Key * Confirm the key is active. * Ensure the correct region is selected. #### Data Not Syncing * Verify required scopes are enabled. * Confirm integration status is Active. #### Access Review Not Triggering * Ensure Datadog is added as a Critical System. * Confirm access rules are configured. *** ## What Sprinto Validates for Access Review Sprinto checks: * Only authorised users have access to Datadog * Offboarded users do not retain access * Access reviews are completed as per policy Please contact [Sprinto Support](mailto:www.support@sprinto.com) if you have any queries related to the integration or need assistance.