Company:
Date Published:
Author: Pratik Parekh
Word count: 813
Language: English
Hacker News points: None

Summary

Datadog Observability Pipelines now integrates with EDR systems such as SentinelOne Singularity Endpoint, CrowdStrike, and Microsoft Defender. These platforms monitor IT infrastructure to detect, alert on, and respond to cyber threats, but they also generate high volumes of log data that is expensive to store and from which actionable information is hard to extract. To address these challenges, Observability Pipelines aggregates EDR logs directly from vendors and from cloud storage, then parses, standardizes, and enriches them before routing them to SentinelOne Singularity Data Lake. Users can collect a variety of EDR logs, parse and standardize them, filter out low-value logs, generate metrics, and reduce log volume by deduplicating and sampling logs. In this way, Observability Pipelines lets security teams centralize log processing, improve threat detection, and avoid vendor lock-in.
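The parse, standardize, filter, deduplicate, and sample stages described above, as an added example that is not Datadog's or any EDR vendor's code: the two input formats, their field names, and the low-value and routine event categories are constructed for this illustration, and the metric is a per-severity count taken before any reduction so it reflects the volume actually received.

```python
import json
from collections import Counter
# Constructed sample lines: simplified stand-ins for two EDR vendor formats.
# Field names are invented for this example, not any real vendor's schema.
RAW_LOGS = [
    '{"src":"edr_a","evt":"heartbeat","host":"ws01","sev":0,"ts":99}',
    '{"src":"edr_a","evt":"process_start","host":"ws01","sev":1,"ts":100}',
    '{"src":"edr_a","evt":"process_start","host":"ws01","sev":1,"ts":100}',  # exact duplicate
    '{"src":"edr_b","EventType":"ProcessCreated","Device":"ws02","Level":"Low","Time":102}',
    '{"src":"edr_b","EventType":"MalwareDetected","Device":"ws02","Level":"High","Time":103}',
    'not json at all',  # a malformed line must not stop the pipeline
]
LEVELS = {"Low": 1, "Medium": 2, "High": 3, "Critical": 4}  # edr_b text levels -> numbers
DROP = {"heartbeat"}                                          # low-value: never forwarded
ROUTINE = {"process_start", "ProcessCreated"}                 # noisy: forwarded only as a sample

def standardize(raw):  # map one raw line onto the common schema, or None if it cannot be
    try:
        r = json.loads(raw)
        if r["src"] == "edr_a":
            return {"source": "edr_a", "host": r["host"], "event": r["evt"], "severity": r["sev"], "ts": r["ts"]}
        if r["src"] == "edr_b":
            return {"source": "edr_b", "host": r["Device"], "event": r["EventType"], "severity": LEVELS[r["Level"]], "ts": r["Time"]}
    except (ValueError, KeyError, TypeError):  # bad JSON, missing field, or non-object record
        pass
    return None

def run_pipeline(lines, sample_every=2):  # standardize -> metrics -> dedupe -> drop -> sample
    stats, seen, out = Counter(), set(), []
    for line in lines:
        ev = standardize(line)
        if ev is None:
            stats["parse_errors"] += 1
            continue
        stats[f"severity_{ev['severity']}"] += 1  # volume metric taken before any reduction
        key = json.dumps(ev, sort_keys=True)      # canonical form is the dedupe key
        if key in seen:
            stats["deduped"] += 1
            continue
        seen.add(key)
        if ev["event"] in DROP:
            stats["dropped_low_value"] += 1
            continue
        if ev["event"] in ROUTINE and ev["severity"] <= 1:
            stats["routine_seen"] += 1
            if stats["routine_seen"] % sample_every != 1:  # keep the 1st of every N
                stats["sampled_out"] += 1
                continue
        out.append(ev)
    return out, stats
```

Of the six constructed lines, two events are forwarded; the rest are accounted for in `stats` as a parse error, a duplicate, a dropped heartbeat, and a sampled-out routine event.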