Abnormal Security

Supported OS Linux Windows Mac OS

Abnormal Overview Dashboard

Overview

Abnormal Security provides comprehensive email protection using a platform that understands human behavior. It protects against attacks that exploit human behavior, including phishing, social engineering, and account takeovers.

Datadog’s integration with Abnormal Security collects logs using Abnormal Security’s API, which generates three types of logs:

  • Threat Logs: Threat logs include any malicious activity or attack that could harm an organization, its data, or personnel.
  • Case Logs: Case logs include Abnormal Cases that are identified by Abnormal Security. These cases usually include related threats within them.
  • Audit Logs: These logs include actions taken on the Abnormal Portal.

Setup

Configuration

  1. Sign into your Abnormal Security Account.
  2. Click Abnormal REST API.
  3. Retrieve your authentication token on the Abnormal Portal.

This token is used to view your Abnormal detected threats, cases, and audit logs.

Validation

Data Collected

Metrics

The Abnormal Security integration does not include any metrics.

Log Collection

Abnormal Security Incidents, Cases, and Audit logs will show up under the source abnormal-security.

Events

The Abnormal Security integration does not include any events.

Service Checks

The Abnormal Security integration does not include any service checks.

Troubleshooting

Need help? Contact Datadog support.

PREVIEWING: mervebolat/span-id-preprocessing