Datadog integration
Tracelight alerts as Datadog events.
If your team already runs Datadog for observability, Tracelight events can land in the Datadog event stream via the generic webhook → Datadog Events API path. Then your existing Datadog monitors + dashboards work over OSINT alert signal.
What's in this integration
- Generic webhook → Datadog Events API endpoint
- Each Tracelight alert becomes one Datadog event with severity tag
- Set up Datadog monitors that aggregate Tracelight events (e.g. 'alert me when 5+ critical alerts in 1 hour')
- Cross-reference with infra signal in the same Datadog dashboard
Setup
- 1Datadog → Integrations → APIs → generate API key
- 2Tracelight → Dashboard → Integrations → New webhook → Kind: generic_json → URL = https://api.datadoghq.com/api/v1/events?api_key=<KEY>
- 3Subscribe to events (start with alert.fired + monitor.match)
- 4In Datadog, build a monitor or dashboard over the new event stream
- 5Test from Tracelight + verify the event appears in Datadog's event stream within ~30 seconds
Events you can subscribe to
alert.firedmonitor.matchWire it up.
Sign up, head to Dashboard → Integrations, and turn this on in 60 seconds.
Other integrations
Slack
Native OAuth bot + /tracelight slash command + alert notifications routed to channels of your choice.
Zapier
Wire Tracelight events into 6,000+ Zapier-connected apps. HMAC-signed webhooks make Zaps tamper-proof.
Discord
Channel webhook for alert digests + per-event notifications. SSRF-guarded outbound dispatch.
Microsoft Teams
Adaptive Card alerts in any Teams channel via incoming-webhook URL. Works with both classic O365 connectors and the new Workflows.
Notion
Pipe Tracelight events into a Notion database — auto-log every case, alert, or report into your team workspace.
Linear
Auto-create Linear issues for high-severity Tracelight alerts. Useful for teams running investigations like an engineering project.
HubSpot
Sync Tracelight cases + alerts into HubSpot CRM as deal records, contacts, or activity timeline entries.
Salesforce
Tracelight events → Salesforce Cases or custom objects via Flow Builder + the generic webhook integration.
Splunk
Stream Tracelight audit events + alerts into Splunk via HEC. Useful for SOCs running Tracelight as one of many investigation feeds.
Jira
Auto-create Jira issues from high-severity Tracelight alerts. Useful for SOC + investigation teams running case management in Jira.
ServiceNow
Stream Tracelight alerts into ServiceNow as incident records. For enterprise SOCs running ITSM-style alert workflows.
GitHub
Auto-open GitHub issues from Tracelight alerts. Useful for security teams running incident response in Issues + Projects.
Asana
Auto-create Asana tasks from Tracelight alerts + cases. Useful for investigation teams running case management in Asana.
ClickUp
Tracelight events → ClickUp tasks. For teams running case management in ClickUp.
Microsoft 365
Tracelight events into Microsoft 365 — Outlook calendar holds for incidents, OneDrive report archival, Power Automate flows.
Trello
Tracelight events → Trello cards. For investigation teams running Kanban-style case management.
Calendly
Auto-schedule investigator follow-up calls when high-severity alerts fire. Useful for client-facing PI shops.
Generic webhooks
Subscribe any HTTPS endpoint to Tracelight events. HMAC-SHA256 signing. SSRF-safe. Zero glue.