The following are key concepts and are important to understanding how Devo works.
An aggregation performs a calculation, such as count or average, on events that have been previously grouped in a data table. The result of the calculation appears in a new table column. For more information, see Aggregate data.
Alerts are messages that can be configured to notify users of important system events, either in real-time or scheduled. Go to Configuring alerts for additional information.
Charts are graphical representations of information intended to make information easier to understand. You can build charts after running a search, in the query window. Devo offers a rich gallery of charts you can use depending on your needs.
Dashboards are visual representations of the results of your search queries through widgets updated in real-time. There is a great variety of widgets available to represent the data in different ways.
A data source automatically feeds dashboard widgets or any customized monitoring applications in real time.
A data table is the result of passing the received data through a parser. Events are displayed in rows with data parsed into fields, which appear in columns. Each column is assigned a specified data type such as string, integer, IP, date, etc. After running a search, you will be taken to the query window, where you can visualize and work with the data table displaying the events in the selected tag. See Working in the query window for more information.
Domains are environments that enable access to different subsets of the data in your organization. Your company can have one or many domains and a user can be granted access to just one or to many domains as needed. If you have access to multiple domains, during the login process, you will be prompted to select the domain you want to enter. Read Sign up and log in for further information.
An event is a single collection of data, as is a record in a log file. In Devo, all events have tags assigned to them to identify some key characteristics and to group them into virtual data tables in Devo. In this way, you can select a tag to see all the events it includes and visualize and work with them in the corresponding data table.
Apply filters to data tables to isolate or exclude specified field values. Filters offer several operations you can use to get the data you need.
Using this process you can create charts joining two or more tables using a common field. For more information, see Graphical correlation.
Events in a data table can easily be grouped by time periods to facilitate analysis. Grouping is required in order to subsequently apply aggregation operations on the data. See the Group data article for more information.
Lookup tables enable you to extend or enrich data tables by correlating source data with data in a lookup data file. Lookup tables can be feed with either external data or a data table content (dynamic lookups). See Data enrichment for more information.
You can use panels to create a graphical representation of a business process or sketch the infrastructure of a system by linking different elements. Panels also allow you to associate queries and alerts in real-time to the elements added.
Permalinks are URL links pointing directly to shared dashboards. They can be easily shared with other users but access rights are necessary to view the dashboards.
A query is the definition of the specific data you want to get, after applying all the required operations in a data table such as filters, grouping data or performing data aggregation. You can build your queries manipulating the table data in the Devo query window, or writing them directly using the LINQ language. Go to Building a query to learn how to do it.
The query window is where you are taken after running a search in Devo. This window displays the data in the selected tag arranged as a table that you can customize according tou your needs. The query window toolbar offers a wide range of operation you can perform to show only the required data and build your query.
A mechanism used to securely send data to Devo using virtualization software (VMWare, VirtualBox, and two versions of Hyper-V). Relays are available for download and need to be previously configured. Learn more in The Devo In-House Relay.
Tags are a hierarchical labeling mechanism used by Devo to parse log data into fields in a data table. Every event should have a tag structure that identifies its logs.
Embedded applications that you can add to a dashboard and used to show data in different ways. Each widget shows a type of graph and has specific configuration rules. Go to Working with dashboard widgets to learn more.