Versions Compared

Old Version 30

changes.mady.by.user Juan Tomás Alonso Nieto

Saved on

compared with

New Version 31

changes.mady.by.user Borja Moro Moreno

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Table of Contents
maxLevel2
typeflat

...

Rw ui steps macro
Rw step

Log in to your Devo domain and go to Administration → Credentials → Authentication tokens.

Rw step

Click Create token.

Image RemovedImage Added
Rw step

Enter a descriptive Name and choose the person that will use the token in the Authorized user field. This can be either yourself or a user in your domain.

Rw step

Select the destination Target table/s for the events. These are the tag or tags that will be used by Devo to classify the events. You can use wildcards to send the data to multiple tables. For example, to send the events to all tables that begin with "my.app", you can specify my.app.**. See the Authentication tokens section to learn more about how to use wildcards when identifying target tables.

Note

Note that it is not possible to ingest data to tables that receive events in CEF syslog format using this method.

Rw step

In the Type field, choose HTTP ingestion.

Image Removed

Rw step

Optionally, check the Expiration date field if you want to enter an expiration date for the new token. Choose the required date in the calendar.

Rw step

Click Create. The token is generated and appears in the token list below.

...

Element

Description

<endpoint>

  • USA: https://http-us.devo.io:443

  • Europe: http[s]://http-eu.devo.io

  • Canada: https://http-ca.devo.io:443/

  • Asia-Pacific (APAC): https://collector-ap.devo.io:8443 (The endpoint will be different depending on the ingestion source. Currently we have collector-ap for Singapore and collector-ap2 for Sydney)

Use the endpoint that corresponds to the Devo Cloud region you use.

<mode>

This can be one of the following:

  • event - Use this mode to send single events. GET and POST methods are accepted.

  • stream - Use this mode to send multiple events. Only POST is accepted. Use the header Content-Encoding: gzip to send multiple compressed events in your request body. Check an example in the section below.

<domain>

The name of the Devo domain where the events are being sent to.

<token>

The token you generated in Devo to authorize your connection. 

<tag>

The Devo tag to be applied to the events. Learn more about tags in About Devo tags.

<message>

The log to be sent. Note that this is only valid if you’re using the event mode, that is to say, you're sending a single event to Devo. In this case, the event is added to the query string.

In case of a POST request in stream mode, events should be added to the request body. See some examples of this in the section below.

Here is an example of an endpoint URL:

Code Block
https://http-us.devo.io/event/myDomain/token!a5370g9e8f7d7edf9d/local1/my.app.http.js?this%20is%20a%20example%20of%20log

...