DataDog · hestonhoffman · Nov 10, 2025 · Nov 9, 2025 · Nov 9, 2025
@@ -47,6 +47,7 @@ export default {
   },
   tcp_endpoint: {
     us: 'agent-intake.logs.datadoghq.com',
+    us3: 'The US3 TCP endpoint is not supported.',
     us5: 'The US5 TCP endpoint is not supported.',
     eu: 'agent-intake.logs.datadoghq.eu',
     ap1: 'The AP1 endpoint is not supported.',
@@ -69,6 +70,15 @@ export default {
     ap2: 'The AP2 endpoint is not supported.',
     gov: 'The GOV TCP endpoint port is not supported.'
   },
+  hipaa_logs_legacy: {
+    us: 'tcp-encrypted-intake.logs.datadoghq.com<br>lambda-tcp-encrypted-intake.logs.datadoghq.com<br>gcp-encrypted-intake.logs.datadoghq.com<br>http-encrypted-intake.logs.datadoghq.com',
+    us3: 'lambda-tcp-encrypted-intake.logs.us3.datadoghq.com<br>gcp-encrypted-intake.logs.us3.datadoghq.com<br>http-encrypted-intake.logs.us3.datadoghq.com',
+    us5: 'lambda-tcp-encrypted-intake.logs.us5.datadoghq.com<br>gcp-encrypted-intake.logs.us5.datadoghq.com<br>http-encrypted-intake.logs.us5.datadoghq.com',
+    eu: 'tcp-encrypted-intake.logs.datadoghq.eu<br>lambda-tcp-encrypted-intake.logs.datadoghq.eu<br>gcp-encrypted-intake.logs.datadoghq.eu<br>http-encrypted-intake.logs.datadoghq.eu',
+    ap1: 'N/A',
+    ap2: 'N/A',
+    gov: 'lambda-tcp-encrypted-intake.logs.ddog-gov.com<br>gcp-encrypted-intake.logs.ddog-gov.com<br>http-encrypted-intake.logs.ddog-gov.com'
+  },
   web_integrations_endpoint: {
     us: 'intake.logs.datadoghq.com',
     us3: 'intake.logs.us3.datadoghq.com',
@@ -542,5 +552,14 @@ export default {
     ap1: 'config.ap1.datadoghq.com',
     ap2: 'violet.intake.ap2.datadoghq.com',
     gov: 'config.ddog-gov.com'
+  },
+  org_management_max_session_duration: {
+    us: '720 hours (30 days)',
+    us3: '720 hours (30 days)',
+    us5: '720 hours (30 days)',
+    eu: '720 hours (30 days)',
+    ap1: '720 hours (30 days)',
+    ap2: '720 hours (30 days)',
+    gov: '12 hours'
   }
 };
@@ -266,6 +266,7 @@ unsupported_sites:
   app_builder: [gov]
   application_security: [gov]
   autocomplete_search: [gov]
+  azure-private-link: [us,us5,eu,gov,ap1,ap2]
   backstage: [gov]
   bits_ai: [gov]
   bits_ai_sre: [gov, ap2]
@@ -285,7 +286,9 @@ unsupported_sites:
   eng_reports: [gov]
   events_from_sns_emails: [gov]
   feature_flags: [gov]
+  forwarding_audit_events: [gov]
   getting_started_feature_flags: [gov]
+  gcp-private-service-connect: [us,us3,gov,ap1,ap2]
   google-hangouts-chat: [gov]
   fips-compliance: [us,us3,us5,eu,ap1,ap2]
   fips-integrations: [us,us3,us5,eu,ap1,ap2]

@@ -8,17 +8,9 @@ further_reading:
   text: "Learn more about Audit Trail"
 ---
 
-{{% site-region region="gov" %}}
-<div class="alert alert-danger">
-Audit Event Forwarding is not available in the US1-FED site.
-</div>
-{{% /site-region %}}
-
-{{% site-region region="us,us3,us5,eu,ap1,ap2" %}}
 <div class="alert alert-danger">
 Audit Event Forwarding is in Preview.
 </div>
-{{% /site-region %}}
 
 ## Overview
 

@@ -64,20 +64,10 @@ Onboarding a new sub-organization with a set of baseline dashboards and monitors
 The custom sub-domain feature is not enabled by default. Contact [Datadog support][1] to have it enabled.
 
 If you are a member of multiple organizations, custom sub-domains help you identify the source of an alert or notification. Also, they can immediately switch you to the organization associated with the sub-domain.
-{{% site-region region="us,us3,us5,ap1,ap2" %}}
-For example, the URL `https://app.datadoghq.com/event/event?id=1` is associated with an event in Organization A. If a user is a member of both Organization A and Organization B, but is viewing Datadog within the context of Organization B, then that URL returns a `404 Not Found error`. The user must switch to Organization A using the [user account settings menu][2], then revisit the URL. However, with custom sub-domains, the user could navigate to `https://org-a.datadoghq.com/event/event?id=1` which would automatically switch the user's context to Organization A and display the correct page.
 
-**Note**: If you have a custom Datadog subdomain, manually edit the links from the Datadog documentation with your subdomain name. For example, a link redirecting to `https://**app**.datadoghq.com/account/settings` becomes `https://**<custom_sub-domain_name>**.datadoghq.com/account/settings`. {{% /site-region %}}
+For example, the URL **https:{{< region-param key=dd_full_site >}}/event/event?id=1** is associated with an event in Organization A. If a user is a member of both Organization A and Organization B, but is viewing Datadog within the context of Organization B, then that URL returns a `404 Not Found error`. The user must switch to Organization A using the [user account settings menu][2], then revisit the URL. However, with custom sub-domains, the user could navigate to **https://org-a.{{< region-param key=dd_site >}}/event/event?id=1** which would automatically switch the user's context to Organization A and display the correct page.
 
-{{% site-region region="eu" %}}
-For example, the URL `https://app.datadoghq.eu/event/event?id=1` is associated with an event in Organization A. If a user is a member of both Organization A and Organization B, but is viewing Datadog within the context of Organization B, then that URL returns a `404 Not Found error`. The user must switch to Organization A using the [user account settings menu][2], then revisit the URL. However, with custom sub-domains, the user could navigate to `https://org-a.datadoghq.eu/event/event?id=1` which would automatically switch the user's context to Organization A and display the correct page.
-
-**Note**: If you have a custom Datadog subdomain, manually edit the links from the Datadog documentation with your subdomain name. For example, a link redirecting to `https://**app**.datadoghq.eu/account/settings` becomes `https://**<custom_sub-domain_name>**.datadoghq.eu/account/settings`. {{% /site-region %}}
-
-{{% site-region region="gov" %}}
-For example, the URL `https://app.ddog-gov.com/event/event?id=1` is associated with an event in Organization A. If a user is a member of both Organization A and Organization B, but is viewing Datadog within the context of Organization B, then that URL returns a `404 Not Found error`. The user must switch to Organization A using the [user account settings menu][2], then revisit the URL. However, with custom sub-domains, the user could navigate to `https://org-a.ddog-gov.com/event/event?id=1` which would automatically switch the user's context to Organization A and display the correct page.
-
-**Note**: If you have a custom Datadog subdomain, manually edit the links from the Datadog documentation with your subdomain name. For example, a link redirecting to `https://**app**.ddog-gov.com/account/settings` becomes `https://**<custom_sub-domain_name>**.ddog-gov.com/account/settings`. {{% /site-region %}}
+**Note**: If you have a custom Datadog subdomain, manually edit the links from the Datadog documentation with your subdomain name. For example, a link redirecting to **https:{{< region-param key=dd_full_site >}}/account/settings** becomes **https://<custom_sub-domain_name>.{{< region-param key=dd_site >}}/account/settings**.
 
 ## Set up SAML
 

@@ -138,14 +138,8 @@ When enabled, users with `Modify Index` permission can choose any of the 3-, 7-,
 Users with the `Org Management` permission can set a maximum session duration for their organization. The duration applies to all new web sessions created after you change it, for all users, regardless of their role in the organization. It doesn't apply to Datadog mobile application sessions.
 
 The session duration can be configured within the following limits:
-{{% site-region region="gov" %}}
 - **Minimum duration:** 1 hour
-- **Maximum duration:** 12 hours
-{{% /site-region %}}
-{{% site-region region="us,eu,us3,us5,ap1,ap2" %}}
-- **Minimum duration:** 1 hour
-- **Maximum duration:** 720 hours (30 days)
-{{% /site-region %}}
+- **Maximum duration:** {{< region-param key=org_management_max_session_duration >}}
 
 {{< img src="account_management/org_settings/max_session_duration.png" alt="Max Session Duration Setting" style="width:70%;" >}}
 

@@ -22,14 +22,9 @@ Configuring [SAML (Security Assertion Markup Language)][1] for your Datadog acco
 
 {{% site-region region="us,us3,us5,eu,ap1,ap2" %}}
 - If you don't have SAML enabled on your Datadog account, reach out to [support][2] to enable it.
-- This documentation assumes that you already have a SAML Identity Provider (IdP). If you do not have a SAML IdP, there are several IdPs that have integrations with Datadog such as [Active Directory][3], [Auth0][4], [Google][5], [LastPass][6], [Microsoft Entra ID][3], [Okta][7], and [SafeNet][8].
-- SAML configuration requires [Datadog Administrator][9] access.
 {{% /site-region %}}
-
-{{% site-region region="gov" %}}
 - This documentation assumes that you already have a SAML Identity Provider (IdP). If you do not have a SAML IdP, there are several IdPs that have integrations with Datadog such as [Active Directory][3], [Auth0][4], [Google][5], [LastPass][6], [Microsoft Entra ID][3], [Okta][7], and [SafeNet][8].
 - SAML configuration requires [Datadog Administrator][9] access.
-{{% /site-region %}}
 
 ## Configuring SAML
 

@@ -102,104 +102,13 @@ API test results for the Synthetics Worker < v0.1.5: `api.`{{< region-param key=
 
 {{% /site-region %}}
 
-{{% site-region region="us" %}}
-[Logs][200] & [HIPAA logs][201]
-: TCP: `agent-intake.logs.datadoghq.com`<br>
-HTTP: `agent-http-intake.logs.datadoghq.com`<br>
-Other: See [logs endpoints][203]
-
-[HIPAA logs legacy][201]
-: `tcp-encrypted-intake.logs.datadoghq.com`<br>
-`lambda-tcp-encrypted-intake.logs.datadoghq.com`<br>
-`gcp-encrypted-intake.logs.datadoghq.com`<br>
-`http-encrypted-intake.logs.datadoghq.com`
-
-[200]: /logs/
-[201]: /data_security/logs/#hipaa-enabled-customers
-[203]: /logs/log_collection/#logging-endpoints
-{{% /site-region %}}
-
-{{% site-region region="eu" %}}
-[Logs][200] & [HIPAA logs][201]
-: TCP: `agent-intake.logs.datadoghq.eu`<br>
-HTTP: `agent-http-intake.logs.datadoghq.eu`<br>
-Other: See [logs endpoints][202]
-
-[HIPAA logs legacy][201]
-: `tcp-encrypted-intake.logs.datadoghq.eu`<br>
-`lambda-tcp-encrypted-intake.logs.datadoghq.eu`<br>
-`gcp-encrypted-intake.logs.datadoghq.eu`<br>
-`http-encrypted-intake.logs.datadoghq.eu`
-
-[200]: /logs/
-[201]: /data_security/logs/#hipaa-enabled-customers
-[202]: /logs/log_collection/#logging-endpoints
-{{% /site-region %}}
-
-{{% site-region region="us3" %}}
-[Logs][200] & [HIPAA logs][201]
-: HTTP: `agent-http-intake.logs.us3.datadoghq.com`<br>
-Other: See [logs endpoints][202]
-
-[HIPAA logs legacy][201]
-: `lambda-tcp-encrypted-intake.logs.us3.datadoghq.com`<br>
-`gcp-encrypted-intake.logs.us3.datadoghq.com`<br>
-`http-encrypted-intake.logs.us3.datadoghq.com`
-
-[200]: /logs/
-[201]: /data_security/logs/#hipaa-enabled-customers
-[202]: /logs/log_collection/#logging-endpoints
-{{% /site-region %}}
-
-{{% site-region region="us5" %}}
-[Logs][200] & [HIPAA logs][201]
-: HTTP: `agent-http-intake.logs.us5.datadoghq.com`<br>
-Other: See [logs endpoints][202]
-
-[HIPAA logs legacy][201]
-: `lambda-tcp-encrypted-intake.logs.us5.datadoghq.com`<br>
-`gcp-encrypted-intake.logs.us5.datadoghq.com`<br>
-`http-encrypted-intake.logs.us5.datadoghq.com`
-
-[200]: /logs/
-[201]: /data_security/logs/#hipaa-enabled-customers
-[202]: /logs/log_collection/#logging-endpoints
-{{% /site-region %}}
-
-{{% site-region region="ap1" %}}
-[Logs][200] & [HIPAA logs][201]
-: HTTP: `agent-http-intake.logs.ap1.datadoghq.com`<br>
-Other: See [logs endpoints][202]
-
-[200]: /logs/
-[201]: /data_security/logs/#hipaa-enabled-customers
-[202]: /logs/log_collection/#logging-endpoints
-{{% /site-region %}}
-
-{{% site-region region="ap2" %}}
-[Logs][200] & [HIPAA logs][201]
-: HTTP: `agent-http-intake.logs.ap2.datadoghq.com`<br>
-Other: See [logs endpoints][202]
-
-[200]: /logs/
-[201]: /data_security/logs/#hipaa-enabled-customers
-[202]: /logs/log_collection/#logging-endpoints
-{{% /site-region %}}
+[Logs][30] & [HIPAA logs][31]
+: TCP: {{< region-param key=tcp_endpoint code="true" >}}<br>
+HTTP: {{< region-param key=agent_http_endpoint code="true" >}}<br>
+Other: See [logs endpoints][32]
 
-{{% site-region region="gov" %}}
-[Logs][200] & [HIPAA logs][201]
-: HTTP: `agent-http-intake.logs.ddog-gov.com`<br>
-Other: See [logs endpoints][202]
-
-[HIPAA logs legacy][201]
-: `lambda-tcp-encrypted-intake.logs.ddog-gov.com`<br>
-`gcp-encrypted-intake.logs.ddog-gov.com`<br>
-`http-encrypted-intake.logs.ddog-gov.com`
-
-[200]: /logs/
-[201]: /data_security/logs/#hipaa-enabled-customers
-[202]: /logs/log_collection/#logging-endpoints
-{{% /site-region %}}
+[HIPAA logs legacy][31]
+: {{< region-param key=hipaa_logs_legacy code="true" >}}
 
 [Metrics][26], [Service Checks][27], [Events][28], and other Agent metadata
 : `<VERSION>-app.agent.`{{< region-param key="dd_site" code="true" >}}<br>
@@ -264,29 +173,13 @@ Open the following ports to benefit from all the **Agent** functionalities:
 
 #### Outbound
 
-{{% site-region region="us" %}}
-
-| Product/Functionality | Port | Protocol | Description |
-| ------  | ---- | ------- | ----------- |
-| Agent<br>APM<br>Containers<br>Live Processes<br>Metrics<br>Cloud Network Monitoring<br>Universal Service Monitoring | 443 | TCP | Most Agent data uses port 443. |
-| [Custom Agent Autoscaling][22] | 8443 | TCP |  |
-| Log collection | 10516 | TCP | Logging over TCP. See [logs endpoints][21] for other connection types. |
-| NTP | 123 | UDP | Network Time Protocol (NTP). See [default NTP targets][20].<br>For information on troubleshooting NTP, see [NTP issues][19]. |
-
-[19]: /agent/faq/network-time-protocol-ntp-offset-issues/
-[20]: /integrations/ntp/#overview
-[21]: /logs/log_collection/#logging-endpoints
-[22]: /containers/guide/cluster_agent_autoscaling_metrics
-
-{{% /site-region %}}
-
-{{% site-region region="eu" %}}
+{{% site-region region="us,eu" %}}
 
 | Product/Functionality | Port | Protocol | Description |
 | ------  | ---- | ------- | ----------- |
 | Agent<br>APM<br>Containers<br>Live Processes<br>Metrics<br>Cloud Network Monitoring<br>Universal Service Monitoring | 443 | TCP | Most Agent data uses port 443. |
 | [Custom Agent Autoscaling][22] | 8443 | TCP |  |
-| Log collection | 443 | TCP | Logging over TCP. See [logs endpoints][21] for other connection types. |
+| Log collection | {{< region-param key=web_integrations_port >}} | TCP | Logging over TCP. See [logs endpoints][21] for other connection types. |
 | NTP | 123 | UDP | Network Time Protocol (NTP). See [default NTP targets][20].<br>For information on troubleshooting NTP, see [NTP issues][19]. |
 
 [19]: /agent/faq/network-time-protocol-ntp-offset-issues/
@@ -435,3 +328,6 @@ If you are installing the Datadog Operator in a Kubernetes environment with limi
 [27]: /developers/service_checks/
 [28]: /events/
 [29]: /security/cloud_security_management/vulnerabilities/
+[30]: /logs/
+[31]: /data_security/logs/#hipaa-enabled-customers
+[32]: /logs/log_collection/#logging-endpoints
@@ -3,11 +3,6 @@ title: Connect to Datadog over Azure Private Link
 description: Configure Azure Private Link to send telemetry to Datadog securely without using the public internet, including endpoint setup and DNS configuration.
 ---
 
-{{% site-region region="us,us5,eu,gov,ap1,ap2" %}}
-<div class="alert alert-danger">This feature is not supported for the selected Datadog site.</div>
-{{% /site-region %}}
-
-{{% site-region region="us3" %}}
 [Azure Private Link][1] allows you to send telemetry to Datadog without using the public internet.
 
 Datadog exposes some of its data intake services as [Azure Private Link services][2].
@@ -94,4 +89,3 @@ Create a Private DNS Zone for `agent.`{{< region-param key="dd_site" code="true"
 [1]: https://azure.microsoft.com/en-us/products/private-link
 [2]: https://learn.microsoft.com/en-us/azure/private-link/private-link-service-overview
 [3]: https://learn.microsoft.com/en-us/azure/dns/private-dns-privatednszone
-{{% /site-region %}}
@@ -10,10 +10,6 @@ further_reading:
       text: 'Connect to Datadog over AWS PrivateLink'
 ---
 
-{{% site-region region="us,us3,gov,ap1,ap2" %}}
-<div class="alert alert-danger">This feature is not supported for the selected Datadog site.</div>
-{{% /site-region %}}
-
 {{% site-region region="us5" %}}
 [Google Cloud Private Service Connect][1] (PSC) allows you to send telemetry to Datadog without using the public internet.