Skip to main content

Devo Exchange has released a new Activeboard for you to get more out of your data!

 

User Activity

Devo Web Activity Monitoring Activeboard allows you to monitor Devo Web Activity for all users in your Devo domain.  With it you can track:

  • User logins, location, activity, change of role, etc.
  • Alert changes and edits
  • Relay, Lookups, Aggregation tasks, Synthesis Tables and Reinjection activity

 

You will find this Activeboard full of useful widgets that will give you a complete picture of Devo Web Activity.  Download it now!

 

Download directly from Devo Exchange

 

Learn more at our Devo Documentation Portal

Hello Juan,

 

I’m looking for some guidelines to create a detection when a malware was observed and then in 30 minutes there's no evidence of it was not handled by the AV  (i.e. cleaned, quarantined, dropped or blocked).

Hello Tgomez!

This is an excellent question, let me get this in front of a few people and it will also make for a great content piece as well!

Hello @tgomez I am sorry this took me so long. an effort to make this answer into a longer document proved unfruitful.  Will keep working on it!
My friend @Ryan Whelan provides some insight for you:

If you can find this action in a query you can save that query as an alert to fire when the conditions are met.   You can also create a lookup that you can add the malware and relevant fields to, then create an alert with a subquery to reference the lookup.

Let me know if that helps!

Terms & ConditionsCookie settings