Normalizing security logs into the Open Cybersecurity Schema Framework (OCSF) is often complex, manual, and time-consuming. With Datadog Observability Pipelines, you can easily transform logs into OCSF format—right in your own environment—before routing them to destinations like Splunk, CrowdStrike, and AWS Security Lake.

This video shows how security teams can use Observability Pipelines to:

- Collect, process, and transform logs into OCSF format automatically
- Use prebuilt mappings for popular vendors like AWS, Microsoft, and Palo Alto Networks
- Create custom OCSF mappings with full schema control
- Optimize logs with processors for enrichment, redaction, and volume control
- Forward OCSF-normalized logs anywhere, without vendor lock-in

With Datadog Observability Pipelines, security teams gain a common language for detection and response, reduce operational overhead, and strengthen compliance—all while keeping logs on-prem.

Explore the blog for more details: https://www.datadoghq.com/blog/observability-pipelines-stream-logs-in-ocsf-format/