Learning Objectives

Upon completing this course, you will be able to:

  • Effectively collect, process, and manage logs for security monitoring
  • Create Detection Rules for different security use cases
  • Use Cloud SIEM in Datadog to identify and investigate security vulnerabilities

Primary Audience

This course is designed to provide DevOps Engineers with a general foundation for using Datadog Cloud SIEM.


The prerequisites for this course are the following:

Technical Requirements

In order to complete the course, you will need:

  • Google Chrome or Firefox
  • Third-party cookies must be enabled to access labs

Course Navigation

At the bottom of each lesson, click MARK LESSON COMPLETE AND CONTINUE button so that you are marked complete for each lesson and can receive the certificate at the end of the course.

Course Enrollment Period

Please note that your enrollment in this course ends after 30 days. You can re-enroll at any time and pick up where you left off.

Course Curriculum

    1. Introduction

    1. Importance of Logs for Cloud SIEM

    2. Cloud SIEM in Datadog

    3. Lab: Getting Started with Cloud SIEM

    1. Configuring Logs for Cloud SIEM

    2. Investigating Various Use Cases with Cloud SIEM

    3. Lab: Additional Detection Types

    4. Path of the attacker

    5. Lab: Path of the attacker

    1. Summary

    2. Feedback Survey

Introduction to Cloud SIEM

  • 2 hours to complete
  • 8 Lessons
  • Intermediate