DDSaaS: HubSpot Content Hub: Crawler Integration v1.0.0 (#18670)

* initial commit * modified labeler.yml file * HubSpot Content Hub crawler integration with assets * updated sample logs and dashboard images * Addressed HubSpot review comments - updated readme.md file - updated monitors title - updated dashboard description * Modified codeowners file * Update HubSpot readme.md file * Update HubSpot monitors name --------- Co-authored-by: narendranandaniya-crest <narendra.nandaniya@crestdata.ai>
DataDog · Nov 13, 2024 · ce551bc · ce551bc
1 parent 0463253
commit ce551bc
Show file tree

Hide file tree

Showing 21 changed files with 9,538 additions and 15 deletions.
diff --git a/.github/CODEOWNERS b/.github/CODEOWNERS
@@ -349,10 +349,10 @@ datadog_checks_base/datadog_checks/base/checks/windows/              @DataDog/wi
 /trend_micro_vision_one_endpoint_security/manifest.json             @DataDog/saas-integrations @DataDog/documentation
 /trend_micro_vision_one_endpoint_security/assets/logs/              @DataDog/saas-integrations @DataDog/documentation @DataDog/logs-backend
 
-hubspot_content_hub/                                                @DataDog/saas-integrations
-hubspot_content_hub/*.md                                            @DataDog/saas-integrations @DataDog/documentation
-hubspot_content_hub/manifest.json                                   @DataDog/saas-integrations @DataDog/documentation
-hubspot_content_hub/assets/logs/                                    @DataDog/saas-integrations @DataDog/documentation @DataDog/logs-backend
+/hubspot_content_hub/                                               @DataDog/saas-integrations
+/hubspot_content_hub/*.md                                           @DataDog/saas-integrations @DataDog/documentation
+/hubspot_content_hub/manifest.json                                  @DataDog/saas-integrations @DataDog/documentation
+/hubspot_content_hub/assets/logs/                                   @DataDog/saas-integrations @DataDog/documentation @DataDog/logs-backend
 
 
 vonage/                                                @DataDog/saas-integrations

diff --git a/hubspot_content_hub/README.md b/hubspot_content_hub/README.md
@@ -2,17 +2,35 @@
 
 ## Overview
 
-HubSpot Content Hub is an all-in-one, AI-powered content marketing software that helps marketers create and manage content at scale. It helps create rich, expertise-backed content, in many formats, for many channels
+[HubSpot Content Hub][1] is an all-in-one content marketing software that helps marketers create and manage content at scale. It helps create rich, expertise-backed content across various formats and channels.
+
+The HubSpot Content Hub integration collects Activity Logs (audit, login, security) and Analytics Metrics (breakdown categories, content types), sending them to Datadog for detailed analysis. The logs are parsed and enriched for efficient searching, while the metrics provide insights into content performance.
+
+The integration includes dashboards that show and analyze both Activity Logs and Analytics Metrics, making it easier to monitor and understand trends and issues.
+
 
 ## Setup
 
 ### Configuration
 
-!!! Add list of steps to set up this integration !!!
+#### Get HubSpot Content Hub Credentials
+
+1. Log in to [HubSpot Content Hub][2] 
+2. Navigate to **Settings > Integrations > Private Apps**.
+3. Click **Create private app**, and then enter the required information.
+4. In the **Scopes** tab, click on **+Add New Scope**.
+5. Select the checkboxes for the following scopes and click on **Update**:
+   - **account-info.security.read**
+   - **business-intelligence**
+   - **content**
+6. Click on **Create app**.
+7. Review the details in the dialog box and click **Continue creating**.
+8. In the success popup, click **Show Token**.
 
-### Validation
+#### Add HubSpot Credentials
+
+- HubSpot Access Token 
 
-!!! Add steps to validate integration is functioning as expected !!!
 
 ## Data Collected
 
@@ -24,13 +42,18 @@ The HubSpot Content Hub integration collects and forward Activity logs to Datado
 
 The HubSpot Content Hub integration collects and forward Analytics metrics to Datadog.
 
+### Service Checks
+
+The HubSpot Content Hub integration does not include any service checks.
+
 ### Events
 
-HubSpot Content Hub integration does not include any events.
+The HubSpot Content Hub integration does not include any events.
 
 ## Troubleshooting
 
-Need help? Contact [Datadog support][1].
-
-[1]: https://docs.datadoghq.com/help/
+Need help? Contact [Datadog support][3].
 
+[1]: https://www.hubspot.com/products/content
+[2]: https://app.hubspot.com/login
+[3]: https://docs.datadoghq.com/help/
diff --git a/hubspot_content_hub/assets/dashboards/hubspot_content_hub_audit_activity.json b/hubspot_content_hub/assets/dashboards/hubspot_content_hub_audit_activity.json
diff --git a/hubspot_content_hub/assets/dashboards/hubspot_content_hub_content_analytics.json b/hubspot_content_hub/assets/dashboards/hubspot_content_hub_content_analytics.json
diff --git a/hubspot_content_hub/assets/dashboards/hubspot_content_hub_geolocation_analytics.json b/hubspot_content_hub/assets/dashboards/hubspot_content_hub_geolocation_analytics.json
diff --git a/hubspot_content_hub/assets/dashboards/hubspot_content_hub_login_activity.json b/hubspot_content_hub/assets/dashboards/hubspot_content_hub_login_activity.json
diff --git a/hubspot_content_hub/assets/dashboards/hubspot_content_hub_security_activity.json b/hubspot_content_hub/assets/dashboards/hubspot_content_hub_security_activity.json
diff --git a/hubspot_content_hub/assets/dashboards/hubspot_content_hub_source_analytics.json b/hubspot_content_hub/assets/dashboards/hubspot_content_hub_source_analytics.json
diff --git a/hubspot_content_hub/assets/hubspot_content_hub.svg b/hubspot_content_hub/assets/hubspot_content_hub.svg
diff --git a/hubspot_content_hub/assets/logs/hubspot-content-hub.yaml b/hubspot_content_hub/assets/logs/hubspot-content-hub.yaml
@@ -0,0 +1,219 @@
+id: hubspot-content-hub
+metric_id: hubspot-content-hub
+backend_only: false
+facets:
+  - groups:
+      - Web Access
+    name: User-Agent
+    path: http.useragent
+    source: log
+  - groups:
+      - Web Access
+    name: Browser
+    path: http.useragent_details.browser.family
+    source: log
+  - groups:
+      - Web Access
+    name: Device
+    path: http.useragent_details.device.family
+    source: log
+  - groups:
+      - Web Access
+    name: OS
+    path: http.useragent_details.os.family
+    source: log
+  - groups:
+      - Geoip
+    name: City Name
+    path: network.client.geoip.city.name
+    source: log
+  - groups:
+      - Geoip
+    name: Continent Code
+    path: network.client.geoip.continent.code
+    source: log
+  - groups:
+      - Geoip
+    name: Continent Name
+    path: network.client.geoip.continent.name
+    source: log
+  - groups:
+      - Geoip
+    name: Country ISO Code
+    path: network.client.geoip.country.iso_code
+    source: log
+  - groups:
+      - Geoip
+    name: Country Name
+    path: network.client.geoip.country.name
+    source: log
+  - groups:
+      - Geoip
+    name: Subdivision ISO Code
+    path: network.client.geoip.subdivision.iso_code
+    source: log
+  - groups:
+      - Geoip
+    name: Subdivision Name
+    path: network.client.geoip.subdivision.name
+    source: log
+  - groups:
+      - Web Access
+    name: Client IP
+    path: network.client.ip
+    source: log
+  - groups:
+      - User
+    name: User Email
+    path: usr.email
+    source: log
+  - groups:
+      - User
+    name: User ID
+    path: usr.id
+    source: log
+pipeline:
+  type: pipeline
+  name: HubSpot Content Hub
+  enabled: true
+  filter:
+    query: "source:hubspot-content-hub"
+  processors:
+    - type: pipeline
+      name: Audit Logs
+      enabled: true
+      filter:
+        query: "service:audit"
+      processors:
+        - type: date-remapper
+          name: Define `occurredAt` as the official date of the log
+          enabled: true
+          sources:
+            - occurredAt
+        - type: attribute-remapper
+          name: Map `actingUser.userId` to `usr.id`
+          enabled: true
+          sources:
+            - actingUser.userId
+          sourceType: attribute
+          target: usr.id
+          targetType: attribute
+          preserveSource: false
+          overrideOnConflict: false
+        - type: attribute-remapper
+          name: Map `actingUser.userEmail` to `usr.email`
+          enabled: true
+          sources:
+            - actingUser.userEmail
+          sourceType: attribute
+          target: usr.email
+          targetType: attribute
+          preserveSource: false
+          overrideOnConflict: false
+    - type: pipeline
+      name: Login Logs
+      enabled: true
+      filter:
+        query: "service:login"
+      processors:
+        - type: date-remapper
+          name: Define `loginAt` as the official date of the log
+          enabled: true
+          sources:
+            - loginAt
+        - type: attribute-remapper
+          name: Map `userId` to `usr.id`
+          enabled: true
+          sources:
+            - userId
+          sourceType: attribute
+          target: usr.id
+          targetType: attribute
+          preserveSource: false
+          overrideOnConflict: false
+        - type: attribute-remapper
+          name: Map `email` to `usr.email`
+          enabled: true
+          sources:
+            - email
+          sourceType: attribute
+          target: usr.email
+          targetType: attribute
+          preserveSource: false
+          overrideOnConflict: false
+        - type: attribute-remapper
+          name: Map `userAgent` to `http.useragent`
+          enabled: true
+          sources:
+            - userAgent
+          sourceType: attribute
+          target: http.useragent
+          targetType: attribute
+          preserveSource: false
+          overrideOnConflict: false
+        - type: attribute-remapper
+          name: Map `ipAddress` to `network.client.ip`
+          enabled: true
+          sources:
+            - ipAddress
+          sourceType: attribute
+          target: network.client.ip
+          targetType: attribute
+          preserveSource: false
+          overrideOnConflict: false
+        - type: user-agent-parser
+          name: Extract details from `http.useragent`
+          enabled: true
+          sources:
+            - http.useragent
+          target: http.useragent_details
+          encoded: false
+          combineVersionDetails: false
+    - type: pipeline
+      name: Security Logs
+      enabled: true
+      filter:
+        query: "service:security"
+      processors:
+        - type: date-remapper
+          name: Define `createdAt` as the official date of the log
+          enabled: true
+          sources:
+            - createdAt
+        - type: attribute-remapper
+          name: Map `userId` to `usr.id`
+          enabled: true
+          sources:
+            - userId
+          sourceType: attribute
+          target: usr.id
+          targetType: attribute
+          preserveSource: false
+          overrideOnConflict: false
+        - type: attribute-remapper
+          name: Map `actingUser` to `usr.email`
+          enabled: true
+          sources:
+            - actingUser
+          sourceType: attribute
+          target: usr.email
+          targetType: attribute
+          preserveSource: false
+          overrideOnConflict: false
+        - type: attribute-remapper
+          name: Map `ipAddress` to `network.client.ip`
+          enabled: true
+          sources:
+            - ipAddress
+          sourceType: attribute
+          target: network.client.ip
+          targetType: attribute
+          preserveSource: false
+          overrideOnConflict: false
+    - type: geo-ip-parser
+      name: GeoIP Parser for `network.client.ip` (ipAddress)
+      enabled: true
+      sources:
+        - network.client.ip
+      target: network.client.geoip
+      ip_processing_behavior: do-nothing