Security teams can now use Scheduled Rules in Datadog Cloud SIEM to run detections on a defined schedule—ideal for identifying threats that require broader timeframes or advanced query capabilities with Calculated Fields.
Scheduled Rules add a powerful new threat detection model to Cloud SIEM’s existing real-time detection engine and help detect patterns like DNS tunneling or slow-moving brute-force attempts that might not trigger real-time signals.
To qualify for this Product Preview, you must be currently using or plan to use Cloud SIEM (purchased standalone or as an add-on) and must currently be sending logs from supported log sources.