Datadog
Stream the AxioRank governed audit log into Datadog and install the AxioRank tile for a prebuilt log pipeline, two dashboards, and four monitors. Watch agent governance next to the rest of your stack.
Most AxioRank integrations govern the calls your agents make. The Datadog integration is on the observability side: it ships the governed audit log into Datadog so every agent tool call sits next to the rest of your telemetry. It has two halves, configured independently:
- The log stream you turn on in AxioRank, which pushes events to the Datadog Logs intake.
- The AxioRank tile in Datadog, which adds a log pipeline, two dashboards, and four recommended monitors over those events.
An outbound SIEM destination, not an inbound check
Unlike inbound surfaces, which verify the agents reaching into a site you operate, the Datadog integration forwards your governance evidence outward. Nothing in Datadog changes how AxioRank decides a call. It is read-only telemetry.
Turn on the log stream
- In Datadog, copy an API key from Organization Settings, API Keys.
- In AxioRank, open Settings, Log Streaming, add a Datadog destination,
paste the key, and set your site (for example
datadoghq.com,datadoghq.eu, orus5.datadoghq.com). - Save and click Send test to emit a sample event, then confirm it in
Datadog under Logs, Explorer with
source:axiorank.
Every event arrives as one structured log. The secrets in each call are already redacted at write time, so your SIEM gets the evidence without the credential.
Install the tile
Find AxioRank on the Datadog Integrations page and click Install. The tile provisions:
- A log pipeline bound to
source:axiorankthat maps the AxioRankdecisionto the Datadog status (deny to error, hold to warn, allow to info), exposesrisk_scoreas a measure, sets the event time fromcreated_at, and mapstrace_idto the reserved trace id. - AxioRank, AI Governance Overview: decisions over time, deny rate, top blocked agents and tools, risk over time, and shadow-AI discoveries.
- AxioRank, Threats and Compliance: high-risk events, kill chains by trace, information-flow (taint) blocks, the enforcing policies, egress hosts, and an exportable evidence stream of denied and held calls.
- Four recommended monitors: deny-rate spike, high-risk kill chain, taint-block surge, and shadow-AI discovery surge.
Facets you get
| Facet | Meaning |
|---|---|
status | Derived from decision: deny to error, hold to warn, allow to info. |
@decision | allow, hold, or deny. |
@risk_score | Risk of the call, 0 to 100 (a measure). |
@agent_id | The agent that made the call. |
@tool_name | The tool or function invoked. |
@matched_policy_id | The policy that decided the call. |
@taint_blocked · @taint_tags | Information-flow blocks and the data provenance behind them. |
@trace_id | Stitches the steps of one agent run into a kill chain. |
@event_type · @provider | Shadow-AI discovery findings and the provider involved. |
What the dashboards do and do not show
Spend and cost are not part of the streamed audit log today, so there is no
cost widget. The "inbound" style signals on the dashboards come from
information-flow blocks (@taint_blocked) and streamed shadow-AI discovery
findings, not a separate inbound feed. Cost and spend live in the AxioRank
console, not in this stream.
Next steps
- Audit export: the same log as NDJSON or CSV, on demand.
- Audit integrity: what each event records and how it is signed.
- Policies: the rules that produce the decisions you see in Datadog.
WordPress
Verify the AI agents that reach your WordPress REST API, admin, and dynamic endpoints with the AxioRank Agent Verification plugin. A thin client of the inbound verify endpoint, with monitor and enforce modes.
Gateway API
The raw HTTP contract behind every AxioRank SDK, callable from any language.