The following are key concepts and are important to understanding how Devo works.
An aggregation, also called an aggregate function, performs a calculation on a set of values in a query. In Devo, this means that it's a calculation that is run on values in grouped events - like a sum, average, minimum, maximum, or similar. The result of the calculation appears in a new table column. For more information, see Aggregate data.
An aggregation task is a process that Devo runs periodically to perform calculations in queries that are needed to feed dashboard widgets or applications. These tasks can be reviewed and managed in the Data Management area of the Administration menu.
Alerts are messages that can be configured to notify users when given conditions are met in a query. Alerts can be either real-time or scheduled and they can be distributed using different delivery methods and according to schedules defined in sending policies. For more information, see Alerts and Notifications.
Application Programing Interface. A set of defined methods of communication among various components. Devo uses APIs to help users easily analyze and get their data. See API reference to learn more.
Charts are graphical representations of information intended to make information easier to understand. You can build charts after running a search, in the query window. Devo offers a rich gallery of charts you can use depending on your needs.
Dashboards are visual representations of the results of your search queries through widgets updated in real-time. There is a great variety of widgets available to represent the data in different ways.
A data table is the result of passing the received data through a parser. Events are displayed in rows with data parsed into fields, which appear in columns. Each column is assigned a specified data type such as string, integer, IP, date, etc. After running a search, you will be taken to the query window, where you can visualize and work with the data table displaying the events in the selected tag. See Working in the query window for more information.
Domains are environments that enable access to different subsets of the data in your organization. Your company can have one or many domains and a user can be granted access to just one or to many domains as needed. If you have access to multiple domains, during the login process, you will be prompted to select the domain you want to enter. Read Sign up and log in for further information.
An event is a single collection of data, as is a record in a log file. In Devo, all events have tags assigned to them to identify some key characteristics and to group them into virtual data tables in Devo. In this way, you can select a tag to see all the events it includes and visualize and work with them in the corresponding data table.
Apply filters to data tables to isolate or exclude specified field values. Filters offer several operations you can use to get the data you need.
This process makes it possible to create charts that join two or more queries based on a common data field. For more information, see Graphical correlation.
Events in a data table can easily be grouped by time periods to facilitate analysis. Grouping is required in order to subsequently apply aggregation operations on the data. See the Group data article for more information.
Lookups, also called lookup tables, enable you to enrich your data by correlating key fields in the query and lookup, and inserting new information that the lookup provides. Lookups can be created from external data that you upload in CSV format, or they can be created from query data. See Data enrichment for more information.
You can use panels to create a graphical representation of a business process or sketch the infrastructure of a system by linking different elements. Panels also allow you to associate queries and alerts in real-time to the elements added.
Permalinks are URL links pointing directly to shared dashboards. This makes it easy to share dashboards with other Devo users. However, in order to access the dashboard usin gthe permalink, the recipient will need to have the necessary permissions.
A query is the definition of the specific data you want to get, after applying all the required operations in a data table such as filters, grouping data or performing data aggregation. You can build your queries manipulating the table data in the Devo query window, or writing them directly using the LINQ language. Go to Building a query to learn how to do it.
The query window is where you are taken after selecting the required table using the Finder. This window displays the associated data in table format and offers an extensive range of operations you can use to filter, transform, and enrich your data and build powerful queries.
The Devo Relay is an application that resides within your secure network and is used to receive event data, apply rules that can filter or tag events, and forward events securely to your domain in the Devo Cloud. The Devo Relay is especially useful when you cannot apply Devo tags to events in the source system or when the source system is not capable of sending events with adequate security. Learn more in The Devo In-House Relay.
A user's roles control the access the user will have to features, functionalities, applications, dashboards, and panels. In Devo, user roles are cumulative. This means that if you have been assigned multiple roles, your permissions will be the sum of all the roles combined. There are two default roles is every Devo domain; Admin for full access and No Privileges for limited access. You can create any number of custom roles in order to control the access your users have to features and resources in the domain. For more information, see Users and roles.
Tags are how Devo recognizes an event's data source. Every event must be associated with a Devo tag when it is delivered to the Devo Cloud so that the event can be correctly stored, retrieved, and finally parsed for display. Learn more in About Devo tags.
A widget is any table or chart contained in a dashboard. They are fed by regularly updated query data. Go to Working with dashboard widgets to learn more.