Document toolboxDocument toolbox

monitor.datadog

Owned by Anthony Shevlin (Deactivated)
Last updated: Sept 06, 2023
1 min read

[ Introduction ] [ Valid tags and data tables  ] [ Table structure ]

Introduction

The tags beginning with monitor.datadogidentify events generated by Datadog.

Valid tags and data tables 

The full tag must have three levels. The first two are fixed as monitor.datadog. The third level identifies the type of events sent.

These are the valid tags and corresponding data tables that will receive the parsers' data:

Product / Service

Tags

Data tables

Product / Service

Tags

Data tables

Datadog Unified Observability and Security

monitor.datadog.archival.dfs

monitor.datadog.archival

monitor.datadog.event

monitor.datadog.event

monitor.datadog.monitor

monitor.datadog.monitor

For more information, read more about Devo tags.

Table structure

These are the fields displayed in these tables:

monitor.datadog.archival

Field

Type

Extra field

Field transformation

Source field name

Field

Type

Extra field

Field transformation

Source field name

eventdate

timestamp

 

 

 

hostname

str

 

 

 

account

str

 

 

 

id

str

 

 

 

date

timestamp

 

 

 

attributes__aws__firehose__arn

str

 

 

 

attributes__aws__s3__bucket

str

 

 

 

attributes__aws__s3__key

str

 

 

 

attributes__aws__invoked_function_arn

str

 

 

 

attributes__aws__arn

str

 

 

 

attributes__aws__function_version

str

 

 

 

attributes__syslog__severity

int4

 

 

 

attributes__syslog__hostname

str

 

 

 

attributes__syslog__appname

str

 

 

 

attributes__syslog__prival

int4

 

 

 

attributes__syslog__facility

int4

 

 

 

attributes__syslog__version

int4

 

 

 

attributes__syslog__timestamp

str

 

 

 

attributes__duration

float8

 

 

 

attributes__service

str

 

 

 

attributes__host

str

 

 

 

attributes__http__protocol

str

 

 

 

attributes__http__status_code

int4

 

 

 

attributes__http__url_details__scheme

str

 

 

 

attributes__http__url_details__host

str

 

 

 

attributes__http__url_details__port

int4

 

 

 

attributes__http__url_details__path

str

 

 

 

attributes__http__method

str

 

 

 

attributes__http__status_category

str

 

 

 

attributes__http__useragent

str

 

 

 

attributes__http__version

str

 

 

 

attributes__http__ssl__cipher

str

 

 

 

attributes__http__ssl__protocol

str

 

 

 

attributes__http__useragent_details__os__family

str

 

 

 

attributes__http__useragent_details__browser__major

str

 

 

 

attributes__http__useragent_details__browser__family

str

 

 

 

attributes__http__useragent_details__device__model

str

 

 

 

attributes__http__useragent_details__device__family

str

 

 

 

attributes__http__useragent_details__device__category

str

 

 

 

attributes__http__useragent_details__device__brand

str

 

 

 

attributes__http__url

str

 

 

 

attributes__TraceId

str

 

 

 

attributes__elb__performance__response_processing_time

float8

 

 

 

attributes__elb__performance__request_processing_time

float8

 

 

 

attributes__elb__performance__backend_processing_time

float8

 

 

 

attributes__elb__backend_status_code

int4

 

 

 

attributes__elb__name

str

 

 

 

attributes__date_access

timestamp

 

 

 

attributes__network__bytes_written

int4

 

 

 

attributes__network__destination__port

int4

 

 

 

attributes__network__destination__ip

ip4

 

 

 

attributes__network__client__port

int4

 

 

 

attributes__network__client__ip

ip4

 

 

 

attributes__network__bytes_read

int4

 

 

 

source

str

 

 

 

message

str

 

 

 

service

str

 

 

 

status

str

 

 

 

tags_str

str

 

join(tags, ',')

tags

host

str

 

 

 

hostchain

str

✓

 

 

tag

str

✓

 

 

rawMessage

str

✓

 

 

monitor.datadog.event

Field

Type

Extra field

Field

Type

Extra field

eventdate

timestamp

 

hostname

str

 

date_happened

timestamp

 

alert_type

str

 

is_aggregate

bool

 

title

str

 

url

str

 

text

str

 

tags

str

 

comments

str

 

children

str

 

priority

str

 

source

str

 

host

str

 

resource

str

 

device_name

str

 

id

int8

 

hostchain

str

✓

tag

str

✓

rawMessage

str

✓

monitor.datadog.monitor

Field

Type

Extra Label

Field

Type

Extra Label

eventdate

timestamp

 

hostname

str

 

restricted_roles

str

 

tags

str

 

deleted

str

 

query

str

 

message

str

 

matching_downtimes

str

 

id

int8

 

multi

bool

 

name

str

 

created

str

 

created_at

timestamp

 

creator__id

int8

 

creator__handle

str

 

creator__name

str

 

creator__email

str

 

org_id

int4

 

modified

str

 

overall_state_modified

str

 

overall_state

str

 

type

str

 

options__notify_audit

bool

 

options__locked

bool

 

options__timeout_h

int4

 

options__silenced

str

 

options__include_tags

bool

 

options__no_data_timeframe

str

 

options__require_full_window

bool

 

options__new_host_delay

int4

 

options__notify_no_data

bool

 

options__renotify_interval

int4

 

options__escalation_message

str

 

options__thresholds__critical

float8

 

options__thresholds__warning

float8

 

hostchain

str

✓

tag

str

✓

rawMessage

str

✓