Integrations/Datadog

Monitor your Cloudsmith workspace in Datadog

Cloudsmith's Datadog integration surfaces real-time metrics from your artifact platform directly in Datadog. Track storage, bandwidth, entitlement token usage, vulnerability scan results, and audit logs alongside the rest of your infrastructure - so your team never faces a surprise overage or a blind spot in your software supply chain.

How we support Datadog

Cloudsmith gives your team full observability into your artifact platform from within Datadog. Track usage, security, and compliance without leaving the tools you already rely on.
    Storage and bandwidth monitoring
    Track real-time storage and bandwidth consumption across your Cloudsmith workspace. Automated alerts fire at 75% and 85% of plan limits, giving your team time to act before overages hit.
    Entitlement token visibility
    Monitor the number of active entitlement tokens, total downloads, and bandwidth consumed per token. Identify runaway token usage before it escalates into an unexpected bill.
    Vulnerability scan results
    Cloudsmith automatically scans packages for CVEs on upload. Scan results surface directly in your Datadog dashboards, so security issues are visible alongside the rest of your observability data.
    Audit log alerting
    All Cloudsmith audit events - repository changes, package deletions, quarantines, and policy violations - are collected in the Datadog Event Explorer. Set up alerts in Datadog to catch suspicious activity the moment it happens.
    Pre-built containerised agent
    Cloudsmith publishes a pre-built Datadog Agent container image with the Cloudsmith check pre-installed and pinned. Deploy it directly to remove manual setup steps and prevent version drift in your observability pipeline.

Why teams integrate Cloudsmith with Datadog

Without visibility into your artifact platform, storage overages and security incidents surface too late. Connecting Cloudsmith to Datadog closes that gap.
Without CloudsmithTeams have no visibility into Cloudsmith storage or bandwidth consumption from within their existing observability tooling. Overages only become apparent when a bill arrives, with no opportunity to respond ahead of time.
With CloudsmithStorage and bandwidth metrics stream directly into Datadog dashboards in real time. Threshold alerts at 75% and 85% of plan limits give your team advance warning, so you can adjust retention rules or limits before costs escalate.
Without CloudsmithSecurity events like CVE scan findings, quarantined packages, and policy violations live in a separate Cloudsmith UI. Engineers must log into multiple tools to correlate artifact security issues with the broader infrastructure picture.
With CloudsmithVulnerability scan results and audit log events flow into the Datadog Event Explorer tagged with source:cloudsmith. Your team can set up monitors and alerts in Datadog, keeping artifact security visible alongside application and infrastructure health.
Without CloudsmithEntitlement token abuse and unusual download patterns go undetected until bandwidth spikes trigger unexpected overage charges. There is no automated signal to alert teams when specific tokens are consuming a disproportionate share of bandwidth.
With CloudsmithPer-token download counts and bandwidth metrics surface in Datadog, with repository-level tagging so you can filter by individual repositories or package formats. Anomalous token activity triggers alerts before it becomes a billing or security problem.

Frequently asked questions

  1. The integration collects storage usage, bandwidth consumption, entitlement token activity, vulnerability scan results, audit log events, and member metrics. All data surfaces in Datadog dashboards and the Event Explorer, tagged with source:cloudsmith.

  2. The Cloudsmith check is a Datadog Community Integration and is not bundled with the Datadog Agent by default. Run datadog-agent integration install -t datadog-cloudsmith==1.3.0 on your agent host, then configure cloudsmith.d/conf.yaml with your Cloudsmith API key and organisation name. Alternatively, use Cloudsmith's pre-built containerised Datadog Agent image, which ships with the check pre-installed.

  3. Yes. Once the integration is configured, a Cloudsmith Overview dashboard is available in your Datadog account. It groups widgets by storage, bandwidth, token usage, vulnerability data, and audit events, giving you an immediate operational view without any custom configuration.

  4. The Cloudsmith check returns a WARNING status when storage or bandwidth usage reaches 75% of your plan limit and a CRITICAL status at 85%. These feed directly into Datadog monitors, so you can route notifications to Slack, PagerDuty, or any other channel you already use.

  5. Yes. Repository metrics are tagged with repository:, allowing you to filter dynamically in Datadog using dashboard template variables. You can also scope bandwidth profiles by package format, such as Python or Docker, directly in the agent configuration.

  6. Events are collected every five minutes by default to keep API request volume manageable. Real-time bandwidth metrics are enabled by default and can be toggled via the enable_realtime_bandwidth setting. The analytics interval is configurable via the bandwidth_interval setting.

  7. Yes. Cloudsmith automatically scans supported package formats for CVEs on upload. Scan results are included in the integration output and appear in the Cloudsmith Overview dashboard, giving security teams a consolidated view of artifact vulnerability status within Datadog.

  8. All Cloudsmith audit events are collected, including repository creation and deletion, modifications to repository settings, package deletions, quarantine events, and policy violation records. Events appear in the Datadog Event Explorer and can trigger monitors for security alerting workflows.

  9. You need a Cloudsmith API key and your organisation slug. These are configured in cloudsmith.d/conf.yaml on your Datadog Agent host. Cloudsmith recommends using a dedicated service account with read-only permissions scoped to the metrics and audit endpoints.

  10. Cloudsmith publishes a Docker image built on the official Datadog Agent base that ships with the Cloudsmith integration pre-installed and pinned to a known-good version. Use it when you run Datadog in containerised environments and want to avoid manually installing and maintaining the Cloudsmith check across agent instances.

Integrations

Discover more Cloudsmith Integrations