{"id":13785,"date":"2020-06-10T12:14:56","date_gmt":"2020-06-10T16:14:56","guid":{"rendered":"http:\/\/www.iri.com\/blog\/?p=13785"},"modified":"2020-06-11T16:48:05","modified_gmt":"2020-06-11T20:48:05","slug":"datadog-security-analytics-darkshield","status":"publish","type":"post","link":"https:\/\/www.iri.com\/blog\/business-intelligence\/datadog-security-analytics-darkshield\/","title":{"rendered":"Feeding Datadog with Voracity Part 4: Security Analytics from DarkShield Logs"},"content":{"rendered":"

This article is the fourth in our 4-part series<\/a> on feeding the Datadog cloud analytic platform with different kinds of data from <\/i>IRI Voracity<\/i><\/a> operations. It focuses on visualizing search logs from the DarkShield unstructured data masking product (also a Voracity component) in Datadog for security analytics. Previous articles in the series cover: the speed advantage of wrangling data in Voracity for Datadog, how you stage and feed Voracity BI data to Datadog, and visualizing that wrangled data in Datadog.<\/i><\/p>\n

In the prior articles of this series, I demonstrated the acceleration of Datadog visualizations by wrangling data in the external IRI data processing program called SortCL<\/a>. SortCL performs fast data manipulations for IRI CoSort<\/a> and other jobs in the Voracity big data management platform.<\/p>\n

Beyond CoSort and among other component products<\/a> in Voracity is IRI DarkShield<\/a> for finding and masking sensitive data (e.g., PII) in semi-structured and unstructured data sources. In this article, I will show you how Datadog can also be logged with DarkShield search results for the purpose of \u2018security analytics.\u2019 Compare this to what I demonstrated with Splunk in this article<\/a>.<\/p>\n

Using DarkShield<\/b><\/h5>\n

DarkShield was built to discover, deliver, and delete sensitive data in many \u2018dark data\u2019 sources<\/a>, including: unstructured text files, including logs and emails, as well as semi-structured files like JSON and XML, plus PDF and MS documents, image files, NoSQL DB collections, and even RDBs and flat-files where PII may exist in random locations (i.e., float) within fixed columns.<\/p>\n

Indeed in this example, I will use DarkShield to search for sensitive data in the same UK company data CSV (.csv) file I used in previous articles in our Datadog series. Note that I could also use an IRI Field<\/i>Shield data discovery wizard<\/a> like Flat-File Profile or Directory Data Class Search in IRI Workbench to find sensitive data in CSV fields, but those don\u2019t find floating <\/i>PII.<\/p>\n

\"\"<\/a><\/p>\n

So, I launch the Dark<\/i>Shield \u201cDark Data Search\/Masking Job\u201d wizard IRI Workbench instead:<\/p>\n

\"\"<\/a><\/p>\n

When the wizard opens, I specify the directory of my input, the type of files (in this case, CSV), the directory of output. This should be a directory monitored by Datadog for .darkdata<\/i> files to log. See article 2 of the series for more details on setting up logging with Datadog.<\/p>\n

Next, set up Data Class matchers to discover exactly the types of sensitive data you want to find in DarkShield:<\/p>\n

\"\"<\/a><\/p>\n

Then, run the .search<\/i> file the wizard produced (as an IRI search job) to actually discover the sensitive information you classified<\/a>; i.e., the items and their search methods defined in data classes and specified in the DarkShield job configuration.<\/p>\n

DarkShield Search Results<\/b><\/h5>\n

Running the .search file produces a .darkdata<\/i> file. It is an XML report and tree view of the search results. It contains information about the sensitive data that was found — what it was (the class of data), where it is (its source file), and the search matcher (method) that found it:<\/p>\n

\"\"<\/a><\/p>\n

Datadog can be used to more graphically illustrate this information to help data security analysts visually peruse the types and location of sensitive data DarkShield\u2019s search detected.<\/p>\n

To begin, make sure that logging has been configured correctly, as described in the second article<\/a> of this series. In the conf.yaml file that was described in that article, ensure that the path is set to the directory you will want to monitor, then add \u201c*.darkdata\u201d to the end. This specifies that all .darkdata <\/i>files will be logged to Datadog.<\/p>\n

Since .darkdata <\/i>files are in XML format, Datadog will automatically parse them, and there is no need to create a pipeline and custom parsing rules.<\/p>\n

This is a sample of the conf.yaml I used to collect .darkdata<\/i> files from a specified folder. The log_processing_rules is an additional setting in this file used to specify logs as multi-line:<\/p>\n

\"\"<\/a><\/p>\n

Once the .darkdata<\/i> file has been logged, new dashboards can be created, or edited from the current dashboard list. These options are available under the \u201cDashboards\u201d menu in the Datadog web interface.<\/p>\n

There are many widgets available to design dashboards with. These include free text, time series graphs, query values, tables, top lists, images, log streams, and more.<\/p>\n

See the image below for some of these options. Note that not all of them are specifically suited for logs, as some only allow for values collected by Datadog regarding system and infrastructure metrics.<\/p>\n

\"\"<\/a><\/p>\n

Clicking on one of the widget options in the menu will bring up an editor that allows you to design and customize the visualization. Here, I clicked on the log stream widget. This allows you to narrow down results with Datadog\u2019s search functionality.<\/p>\n

Columns (from facets, similar to the concept of fields) can be selected as well from this editor. The time range of logs to base the visualization off of, the optional title for the visualization, and design formatting can all be specified from the editor and previewed:<\/p>\n

\"\"<\/a><\/p>\n

I used the .darkdata <\/i>results of the UK Company Data file mentioned earlier to create a dashboard depicting how many sensitive data matches were found, and what were the most common matches.<\/p>\n

\"\"<\/a><\/p>\n

Data Dog Security Alerts<\/b><\/h5>\n

Once your DarkShield search results are in Datadog, you can also set up alerts that get triggered when certain thresholds are reached. For example, you can tell Datadog to send an email when it sees more than 100 values belonging to a particular data class, or if there is a particular value, or are a certain number of them, as revealed in the DarkShield .search <\/i>file.<\/p>\n

\"\"<\/a><\/p>\n

Datadog supports a number of different communication protocols:<\/p>\n

\"\"<\/a><\/p>\n

Alerting to one of these protocols is specified using the format:<\/p>\n

@<INTEGRATION_NAME>-<VALUES><\/pre>\n
Different alerts can be sent depending on the severity of the warning. Also, when specific values are matched, special alerts can be sent. Datadog alerts<\/a> are discussed in detail within the Datadog documentation, and are a powerful way to act upon events hidden within raw data.<\/p>\n
Conclusion<\/b><\/h5>\n
Datadog can thus be part of the IRI DarkShield operational pipeline to create a comprehensive, real-time system for visualizing and acting on sensitive data in a wide range of on-premise or cloud platforms and applications. Together, these products reveal where various classes and ranges of data are, and when DarkShield should actually mask them.<\/p>\n
If you have any questions about the use of DarkShield or any other data-driven operation that can feed Datadog, please contact voracity@iri.com<\/a>. Click here<\/a> to return to the start of this series and here for the previous<\/a> article.<\/p>\n","protected":false},"excerpt":{"rendered":"
This article is the fourth in our 4-part series on feeding the Datadog cloud analytic platform with different kinds of data from IRI Voracity operations. It focuses on visualizing search logs from the DarkShield unstructured data masking product (also a Voracity component) in Datadog for security analytics. Previous articles in the series cover: the speed<\/p>\n
Read More<\/a><\/div>\n","protected":false},"author":119,"featured_media":13799,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"_exactmetrics_skip_tracking":false,"_exactmetrics_sitenote_active":false,"_exactmetrics_sitenote_note":"","_exactmetrics_sitenote_category":0,"footnotes":""},"categories":[108,32],"tags":[273,373,1472,1388,850,981,1404,1216],"class_list":["post-13785","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-big-data-2","category-business-intelligence","tag-bi","tag-bi-tool-acceleration","tag-datadog","tag-iri-darkshield","tag-iri-workbench","tag-logging","tag-security-alert","tag-voracity"],"acf":[],"yoast_head":"\nFeeding Datadog with Voracity Part 4: Security Analytics from DarkShield Logs - IRI<\/title>\n<meta name=\"description\" content=\"Beyond CoSort and among other component products in Voracity is IRI DarkShield for finding and masking sensitive data (e.g., PII) in semi-structured and\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.iri.com\/blog\/business-intelligence\/datadog-security-analytics-darkshield\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Feeding Datadog with Voracity Part 4: Security Analytics from DarkShield Logs\" \/>\n<meta property=\"og:description\" content=\"Beyond CoSort and among other component products in Voracity is IRI DarkShield for finding and masking sensitive data (e.g., PII) in semi-structured and\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.iri.com\/blog\/business-intelligence\/datadog-security-analytics-darkshield\/\" \/>\n<meta property=\"og:site_name\" content=\"IRI\" \/>\n<meta property=\"article:published_time\" content=\"2020-06-10T16:14:56+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2020-06-11T20:48:05+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.iri.com\/blog\/wp-content\/uploads\/2020\/06\/datadog-captured.png\" \/>\n\t<meta property=\"og:image:width\" content=\"1600\" \/>\n\t<meta property=\"og:image:height\" content=\"784\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"Devon Kozenieski\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Devon Kozenieski\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"5 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.iri.com\/blog\/business-intelligence\/datadog-security-analytics-darkshield\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.iri.com\/blog\/business-intelligence\/datadog-security-analytics-darkshield\/\"},\"author\":{\"name\":\"Devon Kozenieski\",\"@id\":\"https:\/\/www.iri.com\/blog\/#\/schema\/person\/de972c035aaeecfc40a3ae2ea5ff7ba1\"},\"headline\":\"Feeding Datadog with Voracity Part 4: Security Analytics from DarkShield Logs\",\"datePublished\":\"2020-06-10T16:14:56+00:00\",\"dateModified\":\"2020-06-11T20:48:05+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.iri.com\/blog\/business-intelligence\/datadog-security-analytics-darkshield\/\"},\"wordCount\":1096,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\/\/www.iri.com\/blog\/#organization\"},\"image\":{\"@id\":\"https:\/\/www.iri.com\/blog\/business-intelligence\/datadog-security-analytics-darkshield\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.iri.com\/blog\/wp-content\/uploads\/2020\/06\/datadog-captured.png\",\"keywords\":[\"BI\",\"bi tool acceleration\",\"DataDog\",\"IRI DarkShield\",\"IRI Workbench\",\"logging\",\"security alert\",\"Voracity\"],\"articleSection\":[\"Big Data\",\"Business Intelligence (BI)\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/www.iri.com\/blog\/business-intelligence\/datadog-security-analytics-darkshield\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.iri.com\/blog\/business-intelligence\/datadog-security-analytics-darkshield\/\",\"url\":\"https:\/\/www.iri.com\/blog\/business-intelligence\/datadog-security-analytics-darkshield\/\",\"name\":\"Feeding Datadog with Voracity Part 4: Security Analytics from DarkShield Logs - IRI\",\"isPartOf\":{\"@id\":\"https:\/\/www.iri.com\/blog\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.iri.com\/blog\/business-intelligence\/datadog-security-analytics-darkshield\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/www.iri.com\/blog\/business-intelligence\/datadog-security-analytics-darkshield\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.iri.com\/blog\/wp-content\/uploads\/2020\/06\/datadog-captured.png\",\"datePublished\":\"2020-06-10T16:14:56+00:00\",\"dateModified\":\"2020-06-11T20:48:05+00:00\",\"description\":\"Beyond CoSort and among other component products in Voracity is IRI DarkShield for finding and masking sensitive data (e.g., PII) in semi-structured and\",\"breadcrumb\":{\"@id\":\"https:\/\/www.iri.com\/blog\/business-intelligence\/datadog-security-analytics-darkshield\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.iri.com\/blog\/business-intelligence\/datadog-security-analytics-darkshield\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.iri.com\/blog\/business-intelligence\/datadog-security-analytics-darkshield\/#primaryimage\",\"url\":\"https:\/\/www.iri.com\/blog\/wp-content\/uploads\/2020\/06\/datadog-captured.png\",\"contentUrl\":\"https:\/\/www.iri.com\/blog\/wp-content\/uploads\/2020\/06\/datadog-captured.png\",\"width\":1600,\"height\":784},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.iri.com\/blog\/business-intelligence\/datadog-security-analytics-darkshield\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.iri.com\/blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Feeding Datadog with Voracity Part 4: Security Analytics from DarkShield Logs\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.iri.com\/blog\/#website\",\"url\":\"https:\/\/www.iri.com\/blog\/\",\"name\":\"IRI\",\"description\":\"Total Data Management Blog\",\"publisher\":{\"@id\":\"https:\/\/www.iri.com\/blog\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.iri.com\/blog\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.iri.com\/blog\/#organization\",\"name\":\"IRI\",\"url\":\"https:\/\/www.iri.com\/blog\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.iri.com\/blog\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.iri.com\/blog\/wp-content\/uploads\/2019\/02\/iri-logo-total-data-management-small-1.png\",\"contentUrl\":\"https:\/\/www.iri.com\/blog\/wp-content\/uploads\/2019\/02\/iri-logo-total-data-management-small-1.png\",\"width\":750,\"height\":206,\"caption\":\"IRI\"},\"image\":{\"@id\":\"https:\/\/www.iri.com\/blog\/#\/schema\/logo\/image\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.iri.com\/blog\/#\/schema\/person\/de972c035aaeecfc40a3ae2ea5ff7ba1\",\"name\":\"Devon Kozenieski\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.iri.com\/blog\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/e4c421588c1a85dd9a76146fe15528f7?s=96&d=blank&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/e4c421588c1a85dd9a76146fe15528f7?s=96&d=blank&r=g\",\"caption\":\"Devon Kozenieski\"},\"url\":\"https:\/\/www.iri.com\/blog\/author\/devonk\/\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"Feeding Datadog with Voracity Part 4: Security Analytics from DarkShield Logs - IRI","description":"Beyond CoSort and among other component products in Voracity is IRI DarkShield for finding and masking sensitive data (e.g., PII) in semi-structured and","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.iri.com\/blog\/business-intelligence\/datadog-security-analytics-darkshield\/","og_locale":"en_US","og_type":"article","og_title":"Feeding Datadog with Voracity Part 4: Security Analytics from DarkShield Logs","og_description":"Beyond CoSort and among other component products in Voracity is IRI DarkShield for finding and masking sensitive data (e.g., PII) in semi-structured and","og_url":"https:\/\/www.iri.com\/blog\/business-intelligence\/datadog-security-analytics-darkshield\/","og_site_name":"IRI","article_published_time":"2020-06-10T16:14:56+00:00","article_modified_time":"2020-06-11T20:48:05+00:00","og_image":[{"width":1600,"height":784,"url":"https:\/\/www.iri.com\/blog\/wp-content\/uploads\/2020\/06\/datadog-captured.png","type":"image\/png"}],"author":"Devon Kozenieski","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Devon Kozenieski","Est. reading time":"5 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.iri.com\/blog\/business-intelligence\/datadog-security-analytics-darkshield\/#article","isPartOf":{"@id":"https:\/\/www.iri.com\/blog\/business-intelligence\/datadog-security-analytics-darkshield\/"},"author":{"name":"Devon Kozenieski","@id":"https:\/\/www.iri.com\/blog\/#\/schema\/person\/de972c035aaeecfc40a3ae2ea5ff7ba1"},"headline":"Feeding Datadog with Voracity Part 4: Security Analytics from DarkShield Logs","datePublished":"2020-06-10T16:14:56+00:00","dateModified":"2020-06-11T20:48:05+00:00","mainEntityOfPage":{"@id":"https:\/\/www.iri.com\/blog\/business-intelligence\/datadog-security-analytics-darkshield\/"},"wordCount":1096,"commentCount":0,"publisher":{"@id":"https:\/\/www.iri.com\/blog\/#organization"},"image":{"@id":"https:\/\/www.iri.com\/blog\/business-intelligence\/datadog-security-analytics-darkshield\/#primaryimage"},"thumbnailUrl":"https:\/\/www.iri.com\/blog\/wp-content\/uploads\/2020\/06\/datadog-captured.png","keywords":["BI","bi tool acceleration","DataDog","IRI DarkShield","IRI Workbench","logging","security alert","Voracity"],"articleSection":["Big Data","Business Intelligence (BI)"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.iri.com\/blog\/business-intelligence\/datadog-security-analytics-darkshield\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/www.iri.com\/blog\/business-intelligence\/datadog-security-analytics-darkshield\/","url":"https:\/\/www.iri.com\/blog\/business-intelligence\/datadog-security-analytics-darkshield\/","name":"Feeding Datadog with Voracity Part 4: Security Analytics from DarkShield Logs - IRI","isPartOf":{"@id":"https:\/\/www.iri.com\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.iri.com\/blog\/business-intelligence\/datadog-security-analytics-darkshield\/#primaryimage"},"image":{"@id":"https:\/\/www.iri.com\/blog\/business-intelligence\/datadog-security-analytics-darkshield\/#primaryimage"},"thumbnailUrl":"https:\/\/www.iri.com\/blog\/wp-content\/uploads\/2020\/06\/datadog-captured.png","datePublished":"2020-06-10T16:14:56+00:00","dateModified":"2020-06-11T20:48:05+00:00","description":"Beyond CoSort and among other component products in Voracity is IRI DarkShield for finding and masking sensitive data (e.g., PII) in semi-structured and","breadcrumb":{"@id":"https:\/\/www.iri.com\/blog\/business-intelligence\/datadog-security-analytics-darkshield\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.iri.com\/blog\/business-intelligence\/datadog-security-analytics-darkshield\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.iri.com\/blog\/business-intelligence\/datadog-security-analytics-darkshield\/#primaryimage","url":"https:\/\/www.iri.com\/blog\/wp-content\/uploads\/2020\/06\/datadog-captured.png","contentUrl":"https:\/\/www.iri.com\/blog\/wp-content\/uploads\/2020\/06\/datadog-captured.png","width":1600,"height":784},{"@type":"BreadcrumbList","@id":"https:\/\/www.iri.com\/blog\/business-intelligence\/datadog-security-analytics-darkshield\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.iri.com\/blog\/"},{"@type":"ListItem","position":2,"name":"Feeding Datadog with Voracity Part 4: Security Analytics from DarkShield Logs"}]},{"@type":"WebSite","@id":"https:\/\/www.iri.com\/blog\/#website","url":"https:\/\/www.iri.com\/blog\/","name":"IRI","description":"Total Data Management Blog","publisher":{"@id":"https:\/\/www.iri.com\/blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.iri.com\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.iri.com\/blog\/#organization","name":"IRI","url":"https:\/\/www.iri.com\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.iri.com\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.iri.com\/blog\/wp-content\/uploads\/2019\/02\/iri-logo-total-data-management-small-1.png","contentUrl":"https:\/\/www.iri.com\/blog\/wp-content\/uploads\/2019\/02\/iri-logo-total-data-management-small-1.png","width":750,"height":206,"caption":"IRI"},"image":{"@id":"https:\/\/www.iri.com\/blog\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/www.iri.com\/blog\/#\/schema\/person\/de972c035aaeecfc40a3ae2ea5ff7ba1","name":"Devon Kozenieski","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.iri.com\/blog\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/e4c421588c1a85dd9a76146fe15528f7?s=96&d=blank&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/e4c421588c1a85dd9a76146fe15528f7?s=96&d=blank&r=g","caption":"Devon Kozenieski"},"url":"https:\/\/www.iri.com\/blog\/author\/devonk\/"}]}},"jetpack_featured_media_url":"https:\/\/www.iri.com\/blog\/wp-content\/uploads\/2020\/06\/datadog-captured.png","_links":{"self":[{"href":"https:\/\/www.iri.com\/blog\/wp-json\/wp\/v2\/posts\/13785"}],"collection":[{"href":"https:\/\/www.iri.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.iri.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.iri.com\/blog\/wp-json\/wp\/v2\/users\/119"}],"replies":[{"embeddable":true,"href":"https:\/\/www.iri.com\/blog\/wp-json\/wp\/v2\/comments?post=13785"}],"version-history":[{"count":8,"href":"https:\/\/www.iri.com\/blog\/wp-json\/wp\/v2\/posts\/13785\/revisions"}],"predecessor-version":[{"id":13820,"href":"https:\/\/www.iri.com\/blog\/wp-json\/wp\/v2\/posts\/13785\/revisions\/13820"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.iri.com\/blog\/wp-json\/wp\/v2\/media\/13799"}],"wp:attachment":[{"href":"https:\/\/www.iri.com\/blog\/wp-json\/wp\/v2\/media?parent=13785"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.iri.com\/blog\/wp-json\/wp\/v2\/categories?post=13785"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.iri.com\/blog\/wp-json\/wp\/v2\/tags?post=13785"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}