Credentials

The Administration → Credentials area consists of three tabs:

The following video describes the security credentials and how to access them:


Access keys

When an account is created, a pair of access keys (API key and API secret) is automatically generated. The purpose of these credentials is to provide security for REST or query protocol communications with Devo API services.

  1. Click the Create new APIkey button to generate a new pair of access keys.
  2. You can display an API key/secret by clicking Show in the required column. Click the icon next to the key to copy it to your clipboard.

  3. Click the ellipsis icon at the end of a row and select Delete to remove a pair of access keys.

X.509 certificates

These certificates are used to make secure Syslog protocol requests to Devo. 

  1. Select Chain CA to download the Certificate Authority certificates.
  2. Click New certificate to generate a new set of certificates.
  3. Select the name of the required certificate to download it.
  4. Click the ellipsis icon at the end of a row and select Delete to remove those certificates.

HTTP/APIv2 tokens

This is where you can manage the exisiting HTTP and APIv2 tokens or generate new ones. 

You can delete or disable any existing tokens shown in the list. When you delete a token, it is completely removed from the platform. If you disable a token, you will be able to enable it later using the ellipsis menu. To generate a new token:

  1. Click Create new token.

  2. Enter a Token name.
  3. Select one of the three possible allowed actions for the new token.

    Http Send Create a token to send data using HTTP. See the HTTP sending article for more information.
    Queries with Api v2 Use this token to restrict API v2 query requests to a specific set of tables. With this kind of token you can start, stop and remove your own jobs or any matching the target tables.
    Queries with Api v2 and task/jobs administrator This is the same as Queries with Api v2, but allows you to start, stop, or remove any job within your domain. See the Authorization methods article for more information.
  4. Use the Target table(s) field to limit the tables in which the token will be used. Use wildcards as needed to make reference to a family of tables. The following table describes how to use wildcard symbols to specify the tables in the Target table(s) field.

    Wildcard Description Example Matches


    ?

    Matches a single character where the wildcard is placed.

    siem.logtrust.web.inf?

    siem.logtrust.web.info

    firewall.fortinet.even?.user firewall.fortinet.event.user


    *

    Matches zero or more characters in only one tag element

    siem.logtrust.alert.*


    siem.logtrust.alert.info

    siem.logtrust.alert.error

    web.a*.error web.apache.error



    **


    Matches zero or more characters in one or more tag elements

    web.aws.**

    web.aws.elb.access


    firewal.fortinet.**

    firewal.fortinet.event.user

    firewal.fortinet.event.vpn

    firewall.fortinet.traffic.forward

    firewall.fortinet.traffic.local

  5. Click Accept to create the token.

To view and edit the details of a token, go to Administration → Data Management and select the API/OData tab. Learn more in the Data management article.

Have we answered your question?

If not, please contact our technical support team via email by clicking the button below.

CONTACT US