• Services & Support
  • Devo.com
  • Contact
    • Contact Us
    • Request a Demo
    • Partner Inquiry
  • Log In
    • USA Devo
    • EU Devo
  • The Devo data operations platform
    • Deployment models
    • How Devo works
    • Key concepts
  • Getting started
    • Sign up and log in
    • Navigating the Devo app
    • User preferences
    • Devo video tutorials
  • Domain administration
    • Users and roles
      • Managing users
      • Monitoring user activity
      • Managing roles
    • User authentication
      • Multi-factor authentication
      • SAML
        • Google as an identity provider
        • Okta as an identity provider
        • OneLogin as an identity provider
    • Security credentials
    • Data processes and feeds
    • Domain preferences
  • Sending data to Devo
    • The Devo In-House Relay
      • Installing the Devo Relay
        • Install on a virtual machine
        • Install on an Ubuntu box
        • Install on a Unix-like box
      • Configuring the in-house relay
        • Customizing in-house relay settings
        • Defining relay rules
        • Managing the relay on the command line
        • Setting up high-availability
      • Relay troubleshooting tips
    • Event sources
      • Unix-like machines
        • Configuration packages for *nix
          • Ubuntu and Debian
          • Fedora and RHEL
          • CentOS V5-6
        • syslog configuration
          • rsyslog
            • Simple sending using rsyslog
            • Secure sending using rsyslog
            • Monitoring files using rsyslog
          • syslog-ng
            • Simple sending using syslog-ng
            • Secure sending using syslog-ng
            • Monitoring files using syslog-ng
          • syslog
          • SELinux configuration conflicts
      • Windows
        • Devo Agent for Windows
        • Snare Agent for Windows
        • Configuring WMI for Devo file monitoring
      • MacOS X
      • Cloud services
        • AWS S3 Buckets
        • Microsoft Azure
      • Commercial products
      • Custom apps
        • Java apps
          • JDK java.util.logging
          • Scoja client library
        • Node.js apps
        • Python apps
        • Sample code
    • Other data collection methods
      • HTTP endpoint
      • Logstash
    • Uploading log files
  • Supported technologies
    • About Devo tags
    • List of supported technologies
      • Antivirus
        • av.mcafee
      • Box (PC/Server)
        • box.iptables
        • box.stat
        • box.unix
        • box.vmware
        • box.win
      • Firewall
        • firewall.checkpoint
        • firewall.cisco
        • firewall.fortinet
        • firewall.huawei
        • firewall.juniper
        • firewall.meraki
        • firewall.paloalto
        • firewall.pfsense
        • firewall.sonicwall
        • firewall.sophos
        • firewall.stonegate
        • firewall.windows
      • Network
        • netstat.netflow
        • switch.cisco
      • Proxy
        • proxy.bluecoat
        • proxy.squid
      • Web
        • web.apache
        • web.apache.mod-security
        • web.iis
        • web.jboss
        • web.nginx
        • web.tomcat
      • Other technologies
        • db.mysql
        • dns.bind
        • my.app
        • social.salesforce
        • test.drop
        • test.keep
        • uba.varonis
        • unknown.unknown
  • Querying your data
    • Accessing data tables
      • Run a search using a finder
        • Use the default finder
        • Use a custom finder
          • Create a custom finder
          • Assign a custom finder to a role
          • Edit a custom finder
        • Use the aliased finder
          • Add a query to your aliased finder
      • Run a global search
      • Run a LINQ free text query
    • Working in the query window
      • Setting up a data table
        • Modifying the column layout
          • Arrange and resize columns
          • Hide and show columns
          • Change the position of column headers
          • Sort data
          • Setting a default table layout
        • Add a description to a data table
      • Building a query
        • Build a query using the query window tools
          • Filter data
            • Order group (filter)
            • String group (filter)
            • General group (filter)
            • Name group (filter)
            • Network group (filter)
            • Logic group (filter)
            • Web group (filter)
          • Group data
          • Aggregate data
            • Aggregation operations
          • Create columns
            • Order group
            • Arithmetic group
            • String group
            • General group
            • Date group
            • Name group
            • Network group
            • Geolocation group
            • Logic group
            • Flow group
            • Web group
            • Mathematical group
            • Conversion group
            • Cryptography group
            • Packet group
              • Ethernet operations
              • IPv4 operations
              • TCP operations
              • UDP operations
        • Build a query using LINQ
          • Filter data using LINQ
          • Group data using LINQ
          • Aggregate data using LINQ
          • Create new columns using LINQ
          • LINQ query examples
      • Generate charts
        • Affinity chord diagram
        • Availability timeline
        • Bipartite chord diagram
        • Bubble chart
        • Chart aggregation
        • Custom date chart aggregation
        • Flame graph
        • Flat world map by coordinates
        • Flat world map by country
        • Google animated heat map
        • Google area map
        • Google heat map
        • Graph diagram
          • Creating a graph diagram
          • Graph diagram menu
          • Monitor intranet traffic to dangerous websites
        • Histogram
        • Pie chart
        • Pie layered chart
        • Punch card
        • Sankey diagram
        • Scatter plot
        • Time heatmap
        • Voronoi treemap
      • Data enrichment
        • Upload a lookup table
        • Add lookup values to a data table
        • Manage lookup tables
        • Dynamic lookups
        • Threat lookups
      • Advanced data operations
        • Graphical correlation
          • Cross-Search Graph Diagram
          • Cross-Search Table Join
          • Cross-Search Sankey Diagram
          • Cross-Search Line Chart
        • Custom tables
          • Create a custom table
          • Merge a custom table with a query
          • Edit custom tables
        • Inject data to a new table
    • Managing your queries
      • Rename a query
      • Favorite queries
      • Last accessed queries
      • Check currently running queries
      • Add a description to your query
      • Block a query
      • Download a query
      • Close a query
    • Best practices for data search
  • Dashboards
    • Setup a data source
    • Create a new dashboard
    • Working with dashboard widgets
      • Availability timeline widget
      • Chord diagram widget
      • Circle world map widget
      • Color key value widget
      • Color world map widget
      • Column chart widget
      • Comparative chart widget
      • Funnel widget
      • Gauge meter widget
      • Google heatmap widget
      • Heat calendar widget
      • Line chart widget
        • Customize your Line chart
      • Monitoring widget
      • Pie chart widget
      • Punch card widget
      • Sectored pie chart widget
      • Table widget
      • Time heatmap widget
      • Tree diagram widget
      • Voronoi tree widget
    • Configuring and sharing dashboards
  • Panels
    • Using panels
    • Create and customize a panel
    • Adding an alert to a panel
    • Adding a query to a panel
  • Alerts and notifications
    • Configuring alerts
      • Create a new alert
        • Alert trigger methods
      • Set up an inactivity alert
      • Create an alert over an alert
      • Activate or deactivate an alert
      • Create a delivery method
        • Email delivery methods
        • HTTP-JSON delivery methods
        • Service Desk delivery methods
        • Jira delivery methods
        • Pushover delivery methods
        • PagerDuty delivery methods
      • Create an anti-flooding policy
      • Create a sending policy
      • Assign a sending policy to an alert
      • Make an alert available for panels
      • Modify or delete an alert
    • Managing triggered alerts
      • Add a comment to a triggered alert
      • Apply a filter for post-processing
    • Pre-installed alert reference
    • Notifications
  • Applications
    • Security Insights
      • Installing Security Insights
        • Security alerts
      • Navigating the Security Insights application
        • Overview tab
        • Threats tab
        • Network tab
        • DNS tab
        • Proxy tab
        • Firewall tab
        • Web tab
        • IDS tab
  • Social Intelligence
  • API reference
    • REST API v2
      • Authorization methods
      • How to query with API v2
        • Forwarding query responses to HDFS
        • Forwarding query responses to Kafka
        • Forwarding query responses to S3
        • Send requests with Postman
      • Job requests
    • Provisioning API
    • OData API feeds management
      • Connecting with Excel
      • Connecting with Tableau
      • Connecting with Power BI
PREVIOUS
OneLogin as an identity provider
NEXT
Data processes and feeds

Domain administration / Security credentials

Download as PDF

Security credentials

The Administration → Credentials area consists of three tabs:

  • Access keys - Consult and copy the API keys and API secrets used to set up the Devo In-House Relay and authorize your API requests.
  • X.509 certificates - Download the X.509 SSL/TLS certificates used to create secure channels between data sources and Devo.
  • HTTP/APIv2 tokens - Generate OAuth tokens used to send data using the HTTP protocol and authorize API requests.

The following video describes the security credentials and how to access them:


Access keys

When an account is created, a pair of access keys (API key and API secret) is automatically generated. The purpose of these credentials is to provide security for REST or query protocol communications with Devo API services.

Click the Create new APIkey button to generate a new pair of access keys. You can display an API key/secret by clicking Show in the required column. Click the icon next to the key to copy it to your clipboard.

Click the ellipsis icon at the end of a row and select Delete to remove a pair of access keys.

X.509 Certificates

These certificates are used to make secure Syslog protocol requests to Devo. Select Chain CA to download the Certificate Authority certificates and click New Certificate to generate a new set of certificates.

Select the name of the required certificate to download it. Click the ellipsis icon at the end of a row and select Delete to remove those certificates.

HTTP/APIv2 tokens

This is where you can manage the existing OAuth tokens or generate new ones. You can create tokens to query data using the Devo API or tokens to send data using an HTTP endpoint.

You can delete or disable any existing tokens shown in the list. When you delete a token, it is completely removed from the platform. If you disable a token, you will be able to enable it later using the ellipsis menu. To generate a new token:

  1. Click Create new token.

  2. Enter a Token name.
  3. Select one of the three possible allowed actions for the new token.

    Http Send Create a token to send data using HTTP. See the HTTP endpoint article for more information.
    Queries with Api v2 Use this token to restrict API v2 query requests to a specific set of tables. With this kind of token you can start, stop and remove your own jobs or any matching the target tables.
    Queries with Api v2 and task/jobs administrator This is the same as Queries with Api v2, but allows you to start, stop, or remove any job within your domain. See the Authorization methods article for more information.
  4. Use the Target table(s) field to limit the tables in which the token will be used. Use wildcards as needed to reference a family of tables. The following table describes how to use wildcard symbols to specify the tables in the Target table(s) field.

    Wildcard Description Example Matches


    ?

    Matches a single character where the wildcard is placed.

    siem.logtrust.web.inf?

    siem.logtrust.web.info

    firewall.fortinet.even?.user firewall.fortinet.event.user


    *

    Matches zero or more characters in only one tag element

    siem.logtrust.alert.*


    siem.logtrust.alert.info

    siem.logtrust.alert.error

    web.a*.error web.apache.error



    **


    Matches zero or more characters in one or more tag elements

    web.aws.**

    web.aws.elb.access


    firewal.fortinet.**

    firewal.fortinet.event.user

    firewal.fortinet.event.vpn

    firewall.fortinet.traffic.forward

    firewall.fortinet.traffic.local

  5. Click Accept to create the token.

To view and edit the details of a token, go to Administration → Data Management and select the API/OData tab. Learn more in the Data processes and feeds article.

Download as PDF

Did you find what you were looking for?

If not, please let us know what you need. Your feedback will help us to improve.

PREVIOUS
OneLogin as an identity provider
NEXT
Data processes and feeds

Export

See what Devo can do for you. Request a demo!
Discover what's new (Release notes)
  • Services & Support
  • Devo.com
  • Contact
    • Contact Us
    • Request a Demo
    • Partner Inquiry
  • Log In
    • USA Devo
    • EU Devo
  • +1 888 6830910 (USA)
  • +34 900 838 880 (Spain)
Copyright © 2019 Legal Terms Privacy Policy Cookies Policy

Powered by Confluence and Scroll Viewport