We know that in Devo we access our data by using the finder tool, which can be found in the Data search area.
Let’s recall what we’ve learned by using the finder to look at the events that have been ingested by Devo up to now.
How many hierarchical tag levels does the finder contain?
How many brands of firewalls have sent events to this domain at least once?
How many brands of proxy have sent events to the domain in the last month?
Use the filter to double check that the domain does have tables containing the “offlinesales2020” tag. Does it?
Use the finder to get to the siem.logtrust level. These SIEM tables log system data from the domain. You can think of it as a SIEM logging itself. For example, open the siem.logtrust.collector.counter data table. Then check the “object” field. This information is very valuable to Arcadia’s recently created team, as they can check which data sources are already up and running.
The Finder has a time filter to show the tags/technologies that have sent events to the domain.