Recently active topics

Team Devo is happy to present Devo Platform 8.17.4, which introduces new features to Data Search and Administration.  For Data Search, we have introduced a new progress bar, providing a visual indicator for searches in progress.  The JQ operators are now aligned in functionality between API and Data Search. New functionality for the Peak operator, it now supports both IPv4 and IPv6. In Administration, you can now manage tokens through RBAC, complete with token obsfucation! This Product update combines the release information from Platform 8.17.0 and 8.17.4. Read on to see the full details. Release GeosRegion Status CA Released US Released EU Released APAC Released   Table of ContentsNew Features Data search: New progress bar Copy in Field Header Menu “Peek” and “Is in” support net4 Improvements Administration: Role-Based Access Control (RBAC) for tokens LINQ unification project udpate Data Search Event Count Administration Roles update Internal Audit Logs Bug Fix

The Devo Parser is one of the secret spices of our unique Hyperstream technology. The Parsers organize raw events stored in tags in different columns and display them in the corresponding tables. This method completely bypasses data indexing and contributes to Devo's amazing search speeds. Every data source is unique, so we have a great catalog of existing parsers. Our teams review parser performance, build new parsers and update parsers on a regular basis. This article covers all the updated and new parsers available this month. If you require a new parser, please open a support ticket through the support portal located here. You can also visit the new Resources Portal, a single page for all your customer resources!Table of Contents  Updated Parserscloud.azureImprovements Fixed parsing of the action field to standardize its value: cloud.azure.firewall.network_rule Added Added new parser: cloud.azure.cache.connectedclientlist cloud.azure.contregistry.repositoryevents cloud.azu

 Every month, the integrations team work on new and updated collectors for you, and I collect them all in this Catalog Update. This post contains new and updated collector information as well as links to their respective pages in our Documentation portal. Be advised that some pages in Documentation may not be available at the time of posting but will be added as soon as they are available. To request new collectors or an update to an existing collector, please open a support ticket through the Support Portal. You can also visit the new Resources Portal, a single page for all your customer resources!  Table of ContentsUpdated Collectors Azure collector v2.7.0 Alibaba Cloud Collector v1.8.0 Log Injector collector v3.1.1 AWS SQS Collector v1.12.0 Microsoft Defender ATP Endpoint Collector v3.2.0 Trend Micro Vision One Collector v1.7.0 Imperva Collector v1.4.0 Box API collector v2.3.0 Atlassian Collector v1.2.0 Fastly Next-Gen WAF collector v1.5.0  Updated CollectorsAzure collector

The Devo Parser is one of the secret spices of our unique Hyperstream technology. The Parsers organize raw events stored in tags in different columns and display them in the corresponding tables. This method completely bypasses data indexing and contributes to Devo's amazing search speeds. Every data source is unique, so we have a great catalog of existing parsers. Our teams review parser performance, build new parsers and update parsers on a regular basis. This article covers all the updated and new parsers available this month. If you require a new parser, please open a support ticket through the support portal located here. You can also visit the new Resources Portal, a single page for all your customer resources!  Table of ContentsUpdated Parsers box.win edr.eset firewall.paloalto waf.owasp network.juniper  Updated Parsersbox.winImprovements Parsed and added the CallerProcessId field: box.win_nxlog.security box.win_nxlog Updated mapping of logonProc field: box.all.win

Every month, the integrations team work on new and updated collectors for you, and I collect them all in this Catalog Update. This post contains new and updated collector information as well as links to their respective pages in our Documentation portal. Be advised that some pages in Documentation may not be available at the time of posting but will be added as soon as they are available. To request new collectors or an update to an existing collector, please open a support ticket through the Support Portal. You can also visit the new Resources Portal, a single page for all your customer resources! Table of ContentsUpdated Collectors Alibaba Cloud Collector v1.7.0 Cloudflare Collector v1.5.0 Log Injector collector v3.0.0  Updated CollectorsAlibaba Cloud Collector v1.7.0Changed The DCSDK Docker base image has been updated from "1.6.0" to "1.8.0" Exposed parameter to configure base64 encoding as true or false for SMQ service Exposed parameter to configure acknowledge message as true

The Devo Parser is one of the secret spices of our unique Hyperstream technology. The Parsers organize raw events stored in tags in different columns and display them in the corresponding tables. This method completely bypasses data indexing and contributes to Devo's amazing search speeds. Every data source is unique, so we have a great catalog of existing parsers. Our teams review parser performance, build new parsers and update parsers on a regular basis. This article covers all the updated and new parsers available this month. If you require a new parser, please open a support ticket through the support portal located here. You can also visit the new Resources Portal, a single page for all your customer resources! Table of ContentsUpdated Parsers mdm.kandji box.win-fluentbit mail.egress auth.all cloud.azure network.cisco ftp.crushftp web.iis cloud.azure edr.microsoft_defender cloud.aws box.win_nxlog firewall.paloalto box.as400_powertech cims.equifax  Updated Parsersmdm

Devo AI Assist is an intelligent assistant that enables you to interact with the Devo platform using natural language. Instead of learning complex query syntax or navigating through multiple screens, simply describe what you want to accomplish, and Devo AI Assist will execute the appropriate actions for you. In Release 1.7.0, we’ve introduced new query samples and rules to build cleaner queries, we’ve added instructions to identify alerts by ID as well as new alert samples from our best designers to build better alerts! Devo AI assist is now generally available, talk to your CSM or Devo Contact to deploy in your environment. Table of ContentsChange Log for AI Assist prompt General Guardrails introduced. Query Improvements Alert Improvements Clean up  Change Log for AI Assist prompt General Guardrails introduced.Devo AI Assist has a few limitations and these have been made explicit in the prompt so it alerts you when you run into them.7 Day lookback If table is not found or has no da

Every month, the integrations team work on new and updated collectors for you, and I collect them all in this Catalog Update. This post contains new and updated collector information as well as links to their respective pages in our Documentation portal. Be advised that some pages in Documentation may not be available at the time of posting but will be added as soon as they are available. To request new collectors or an update to an existing collector, please open a support ticket through the Support Portal. You can also visit the new Resources Portal, a single page for all your customer resources! Table of ContentsUpdated Collectors Tencent Cloud Collector v1.6.0 Crowdstrike API Resources v1.15.0 Alibaba Cloud Collector v1.6.0 TenableIO collector v2.3.0 Trend Micro Vision Collector v1.6.0 Netskope v2api Collector v2.2.0 Microsoft Office365 Management Collector v2.8.0 Okta Auth0 Collector v2.0.1 Microsoft Graph Collector v3.3.0 Jumpcloud Collector v1.4.0 Salesforce collector