DataDog · shubhamvekariya-crest · Dec 17, 2025 · Dec 17, 2025 · Dec 17, 2025 · Dec 17, 2025
@@ -732,6 +732,11 @@ plaid/assets/logs/                                                  @DataDog/saa
 /guarddog/manifest.json                                              @DataDog/agent-integrations @DataDog/documentation
 /guarddog/assets/logs/                                               @DataDog/agent-integrations @DataDog/documentation @DataDog/logs-integrations-reviewers
 
+/cato_networks/                                                      @DataDog/saas-integrations
+/cato_networks/*.md                                                  @DataDog/saas-integrations @DataDog/documentation
+/cato_networks/manifest.json                                         @DataDog/saas-integrations @DataDog/documentation
+/cato_networks/assets/logs/                                          @DataDog/saas-integrations @DataDog/documentation @DataDog/logs-integrations-reviewers
+
 # To keep Security up-to-date with changes to the signing tool.
 /datadog_checks_dev/datadog_checks/dev/tooling/signing.py             @DataDog/agent-integrations
 # As well as the secure downloader.

@@ -121,6 +121,8 @@ integration/cassandra:
 - cassandra/**/*
 integration/cassandra_nodetool:
 - cassandra_nodetool/**/*
+integration/cato_networks:
+- cato_networks/**/*
 integration/celery:
 - celery/**/*
 integration/ceph:

@@ -0,0 +1,7 @@
+# CHANGELOG - cato_networks
+
+## 1.0.0 / 2025-12-17
+
+***Added***:
+
+* Initial Release
@@ -0,0 +1,75 @@
+## Overview
+
+[Cato Networks][1] provides a single-vendor Secure Access Service Edge (SASE) platform that converges SD-WAN, global private networking, and a full network security stack into a cloud-based service.
+
+This integration ingests the following logs:
+
+- **Audit Logs**: These logs provide detailed information on admin actions performed within the system.
+- **Events**: These logs provide detailed insights into security, detection and response, connectivity, and system events within the Cato Networks platform.
+
+Integrate Cato Networks with Datadog to gain insights into audit logs and events using pre-built dashboard visualizations. Datadog uses its built-in log pipelines to parse and enrich these logs, facilitating easy search and detailed insights. Additionally, the integration can be used for Cloud SIEM detection rules for enhanced monitoring and security.
+
+## Setup
+
+### Audit Log Collection
+
+#### Obtaining Client Credentials
+1. Log in to Cato Networks platform and navigate to **Resources** > **Service API Keys**.
+2. In the **Service API Keys** tab, click **New** and provide the following details:
+    - Select the **Service Principal**.
+    - Enter the **Key Name**.
+    - Set the **API Permission** as **Downgrade to View**.
+    - Set **Any IP** under the **Allow access from IPs** section.
+3. Click **Apply** button and copy the **Token**.
+4. Navigate to **Account** > **Account Info** and copy the **Account ID**.
+5. Identify your Cato Networks Region by checking the prefix of your URL: 
+    - `cc.us1.catonetworks.com` - us1 
+    - `cc.catonetworks.com` - Keep region as empty
+
+#### Connect your Cato Networks Account to Datadog
+
+1. Add your `Cato Account ID`, `API Token` and `Region`.
+   | Parameters | Description |
+   | ---------- | ---------------------------------------------- |
+   | Cato Account ID | The account ID from your Cato Networks platform URL |
+   | API Token | The API Token of your Cato Networks platform |
+   | Region | The prefix from your Cato Networks platform URL |
+2. Click **Save**.
+
+
+### Event Log collection
+
+#### Configure AWS S3 Bucket
+When configuring the AWS bucket, use **cato-networks** as the **S3 prefix**.
+For more information, see [Configuring the AWS S3 Bucket][2].
+
+#### Set up event integration in CATO networks
+For more information on configuring the event integration in a CATO network, see [Adding Amazon S3 Integration for Events][3].
+
+#### Configure Datadog Forwarder
+See information on configuring the [Datadog Forwarder][4].
+
+
+## Data collected
+
+### Logs
+
+The Cato Networks integration collects and forwards audit logs and events to Datadog.
+
+### Metrics
+
+The Cato Networks integration does not include any metrics.
+
+### Events
+
+The Cato Networks integration does not include any events.
+
+## Troubleshooting
+
+Need help? Contact [Datadog support][5].
+
+[1]: https://www.catonetworks.com/
+[2]: https://support.catonetworks.com/hc/en-us/articles/9726441847965-Integrating-Cato-Events-with-AWS-S3#h_01K06PD8YPXBZJH5P0BP625BB1
+[3]: https://support.catonetworks.com/hc/en-us/articles/9726441847965-Integrating-Cato-Events-with-AWS-S3#h_01K06PD8YP6JCM5618J4YYDFAS
+[4]: https://docs.datadoghq.com/logs/guide/forwarder/?tab=cloudformation
+[5]: https://docs.datadoghq.com/help/