• Services & Support
  • Devo.com
  • Contact
    • Contact Us
    • Request a Demo
    • Partner Inquiry
  • Log In
    • USA Devo
    • EU Devo
  • The Devo data operations platform
    • Deployment models
    • How Devo works
    • Key concepts
  • Getting started
    • Sign up and log in
    • Navigating the Devo app
    • User preferences
    • Devo video tutorials
  • Domain administration
    • Users and roles
      • Managing users
      • Monitoring user activity
      • Managing roles
    • User authentication
      • Multi-factor authentication
      • SAML
        • Google as an identity provider
        • Okta as an identity provider
        • OneLogin as an identity provider
    • Security credentials
    • Data processes and feeds
    • Domain preferences
  • Sending data to Devo
    • The Devo In-House Relay
      • Installing the Devo Relay
        • Install on a virtual machine
        • Install on an Ubuntu box
        • Install on a Unix-like box
      • Configuring the in-house relay
        • Customizing in-house relay settings
        • Defining relay rules
        • Managing the relay on the command line
        • Setting up high-availability
      • Relay troubleshooting tips
    • Event sources
      • Unix-like machines
        • Configuration packages for *nix
          • Ubuntu and Debian
          • Fedora and RHEL
          • CentOS V5-6
        • syslog configuration
          • rsyslog
            • Simple sending using rsyslog
            • Secure sending using rsyslog
            • Monitoring files using rsyslog
          • syslog-ng
            • Simple sending using syslog-ng
            • Secure sending using syslog-ng
            • Monitoring files using syslog-ng
          • syslog
          • SELinux configuration conflicts
      • Windows
        • Devo Agent for Windows
        • Snare Agent for Windows
        • Configuring WMI for Devo file monitoring
      • MacOS X
      • Cloud services
        • AWS S3 Buckets
        • Microsoft Azure
      • Commercial products
      • Custom apps
        • Java apps
          • JDK java.util.logging
          • Scoja client library
        • Node.js apps
        • Python apps
        • Sample code
    • Other data collection methods
      • HTTP endpoint
      • Logstash
    • Uploading log files
  • Supported technologies
    • About Devo tags
    • List of supported technologies
      • Antivirus
        • av.mcafee
      • Box (PC/Server)
        • box.iptables
        • box.stat
        • box.unix
        • box.vmware
        • box.win
      • Firewall
        • firewall.checkpoint
        • firewall.cisco
        • firewall.fortinet
        • firewall.huawei
        • firewall.juniper
        • firewall.meraki
        • firewall.paloalto
        • firewall.pfsense
        • firewall.sonicwall
        • firewall.sophos
        • firewall.stonegate
        • firewall.windows
      • Network
        • netstat.netflow
        • switch.cisco
      • Proxy
        • proxy.bluecoat
        • proxy.squid
      • Web
        • web.apache
        • web.apache.mod-security
        • web.iis
        • web.jboss
        • web.nginx
        • web.tomcat
      • Other technologies
        • db.mysql
        • dns.bind
        • my.app
        • social.salesforce
        • test.drop
        • test.keep
        • uba.varonis
        • unknown.unknown
  • Querying your data
    • Accessing data tables
      • Run a search using a finder
        • Use the default finder
        • Use a custom finder
          • Create a custom finder
          • Assign a custom finder to a role
          • Edit a custom finder
        • Use the aliased finder
          • Add a query to your aliased finder
      • Run a global search
      • Run a LINQ free text query
    • Working in the query window
      • Setting up a data table
        • Modifying the column layout
          • Arrange and resize columns
          • Hide and show columns
          • Change the position of column headers
          • Sort data
          • Setting a default table layout
        • Add a description to a data table
      • Building a query
        • Build a query using the query window tools
          • Filter data
            • Order group (filter)
            • String group (filter)
            • General group (filter)
            • Name group (filter)
            • Network group (filter)
            • Logic group (filter)
            • Web group (filter)
          • Group data
          • Aggregate data
            • Aggregation operations
          • Create columns
            • Order group
            • Arithmetic group
            • String group
            • General group
            • Date group
            • Name group
            • Network group
            • Geolocation group
            • Logic group
            • Flow group
            • Web group
            • Mathematical group
            • Conversion group
            • Cryptography group
            • Packet group
              • Ethernet operations
              • IPv4 operations
              • TCP operations
              • UDP operations
        • Build a query using LINQ
          • Filter data using LINQ
          • Group data using LINQ
          • Aggregate data using LINQ
          • Create new columns using LINQ
          • LINQ query examples
      • Generate charts
        • Affinity chord diagram
        • Availability timeline
        • Bipartite chord diagram
        • Bubble chart
        • Chart aggregation
        • Custom date chart aggregation
        • Flame graph
        • Flat world map by coordinates
        • Flat world map by country
        • Google animated heat map
        • Google area map
        • Google heat map
        • Graph diagram
          • Creating a graph diagram
          • Graph diagram menu
          • Monitor intranet traffic to dangerous websites
        • Histogram
        • Pie chart
        • Pie layered chart
        • Punch card
        • Sankey diagram
        • Scatter plot
        • Time heatmap
        • Voronoi treemap
      • Data enrichment
        • Upload a lookup table
        • Add lookup values to a data table
        • Manage lookup tables
        • Dynamic lookups
        • Threat lookups
      • Advanced data operations
        • Graphical correlation
          • Cross-Search Graph Diagram
          • Cross-Search Table Join
          • Cross-Search Sankey Diagram
          • Cross-Search Line Chart
        • Custom tables
          • Create a custom table
          • Merge a custom table with a query
          • Edit custom tables
        • Inject data to a new table
    • Managing your queries
      • Rename a query
      • Favorite queries
      • Last accessed queries
      • Check currently running queries
      • Add a description to your query
      • Block a query
      • Download a query
      • Close a query
    • Best practices for data search
  • Dashboards
    • Setup a data source
    • Create a new dashboard
    • Working with dashboard widgets
      • Availability timeline widget
      • Chord diagram widget
      • Circle world map widget
      • Color key value widget
      • Color world map widget
      • Column chart widget
      • Comparative chart widget
      • Funnel widget
      • Gauge meter widget
      • Google heatmap widget
      • Heat calendar widget
      • Line chart widget
        • Customize your Line chart
      • Monitoring widget
      • Pie chart widget
      • Punch card widget
      • Sectored pie chart widget
      • Table widget
      • Time heatmap widget
      • Tree diagram widget
      • Voronoi tree widget
    • Configuring and sharing dashboards
  • Panels
    • Using panels
    • Create and customize a panel
    • Adding an alert to a panel
    • Adding a query to a panel
  • Alerts and notifications
    • Configuring alerts
      • Create a new alert
        • Alert trigger methods
      • Set up an inactivity alert
      • Create an alert over an alert
      • Activate or deactivate an alert
      • Create a delivery method
        • Email delivery methods
        • HTTP-JSON delivery methods
        • Service Desk delivery methods
        • Jira delivery methods
        • Pushover delivery methods
        • PagerDuty delivery methods
      • Create an anti-flooding policy
      • Create a sending policy
      • Assign a sending policy to an alert
      • Make an alert available for panels
      • Modify or delete an alert
    • Managing triggered alerts
      • Add a comment to a triggered alert
      • Apply a filter for post-processing
    • Pre-installed alert reference
    • Notifications
  • Applications
    • Security Insights
      • Installing Security Insights
        • Security alerts
      • Navigating the Security Insights application
        • Overview tab
        • Threats tab
        • Network tab
        • DNS tab
        • Proxy tab
        • Firewall tab
        • Web tab
        • IDS tab
  • Social Intelligence
  • API reference
    • REST API v2
      • Authorization methods
      • How to query with API v2
        • Forwarding query responses to HDFS
        • Forwarding query responses to Kafka
        • Forwarding query responses to S3
        • Send requests with Postman
      • Job requests
    • Provisioning API
    • OData API feeds management
      • Connecting with Excel
      • Connecting with Tableau
      • Connecting with Power BI
PREVIOUS
Sending data to Devo
NEXT
Installing the Devo Relay

Sending data to Devo / The Devo In-House Relay

Download as PDF

The Devo In-House Relay

Put simply, the Devo In-House Relay is a software application that listens on its ports to receive inbound events, apply processing rules to the events, then forward them over a secure channel using SSL/TLS encryption to the Devo Cloud. We strongly recommend that you set up and use a Devo Relay, especially when it's not possible to send events directly from the source system to the Devo Cloud securely and with its associated tag. 

In addition to tagging events based on configurable rules and providing a secure channel to the Devo Cloud, the relay also:

  • Sends the events signed with SSL certificate authentication.
  • Eliminates the need to enable isolated event sources with internet access.
  • Offers the ability to compress the data to minimize bandwidth requirements for sending.
  • Uses rules to apply filters in order to weed out the events you don't need to save in your Devo Cloud.
  • Temporarily stores the events in buffer in case there's an outbound connection error, so that it can resend the events when the connection is restored.

Is it necessary to use a Devo Relay?

No, it's not always necessary to use the relay. If an event source has internet connectivity, can correctly tag its events, and send them over a secure channel to the Devo Cloud, you can send them directly. For example, you can monitor system logs files on Unix-like servers, then send them properly tagged and over a secure channel to the Devo Cloud by using the rsyslog or syslog-ng protocols. 

However, even when an event source can send events correctly to the Devo Cloud, the In-house Relay provides some additional benefits:

  • Optimized cloud storage - You can configure the relay to filter out unecessary events before forwarding to the Devo Cloud.
  • Minimize bandwidth requirements - The relay compresses event data for faster data transmission.
  • Avoid data loss - The relay retains events in buffer so that transient connection errors don't result in data loss.

Related articles

  • Installing the Devo Relay
  • Configuring the in-house relay
  • Relay troubleshooting tips

Download as PDF

Did you find what you were looking for?

If not, please let us know what you need. Your feedback will help us to improve.

PREVIOUS
Sending data to Devo
NEXT
Installing the Devo Relay

Export

See what Devo can do for you. Request a demo!
Discover what's new (Release notes)
  • Services & Support
  • Devo.com
  • Contact
    • Contact Us
    • Request a Demo
    • Partner Inquiry
  • Log In
    • USA Devo
    • EU Devo
  • +1 888 6830910 (USA)
  • +34 900 838 880 (Spain)
Copyright © 2019 Legal Terms Privacy Policy Cookies Policy

Powered by Confluence and Scroll Viewport