...
The Devo Wiz collector allows customers to retrieve Wiz cloud security issues into Devo to query, correlate, analyze, and visualize to enable Enterprise IT and Cybersecurity teams to take the most impactful decisions at the petabyte scale. The collector processes the Wiz API responses and sends them to the Devo platform, which then categorizes all data received on tables along rows and columns in your Devo domain.
Data sources
Data source | Description | API Endpoint | Collector service name | Devo table | Available from release |
---|---|---|---|---|---|
Issues | An issue in wiz is a vulnerability that is detected in the cloud infrastructure |
|
|
|
|
Vulnerability | Vulnerabilities are weaknesses in computer systems that can be exploited by malicious attackers. Whether they are caused by bugs or design flaws, vulnerabilities can allow attackers to execute code in an environment or elevate privileges. |
|
|
|
|
Audit Logs | The Audit Log records key events in Wiz, such as login, logout, and user update. The Audit Log is primarily used to investigate potentially suspicious activity or diagnose and troubleshoot errors. |
|
|
|
|
Cloud Configuration Findings | This returns the problems with configurations and the remediation solutions for the same. |
|
|
|
|
Devo collector features
Feature | Details |
---|---|
Allow parallel downloading ( |
|
Running environments |
|
Populated Devo events |
|
Flattening preprocessing |
|
...
Collector service details
Issue Service
Expand | ||
---|---|---|
| ||
All events of this service are ingested into the table |
Expand | ||
---|---|---|
| ||
Issue service is based on the following GraphQL command:
|
Expand | ||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ||||||||||||||||
Once the collector has been launched, it is important to check if the ingestion is performed in a proper way. To do so, go to the collector’s logs console. This service has the following components:
Setup outputA successful run has the following output messages for the setup module:
Puller outputA successful initial run has the following output messages for the puller module:
After a successful collector’s execution (that is, no error logs found), you will see the following log message:
Note that a
|
Vulnerability Service
Issue Service
Expand | ||
---|---|---|
| ||
All events of this service are ingested into the table |
Expand | ||
---|---|---|
| ||
Issue service is based on the following GraphQL command:
|
Expand | ||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ||||||||||||||||
Once the collector has been launched, it is important to check if the ingestion is performed in a proper way. To do so, go to the collector’s logs console. This service has the following components:
Setup outputA successful run has the following output messages for the setup module:
Puller outputA successful initial run has the following output messages for the puller module:
After a successful collector’s execution (that is, no error logs found), you will see the following log message:
Note that a
|
AuditLogs Service
Expand | ||
---|---|---|
| ||
All events of this service are ingested into the table |
Expand | ||
---|---|---|
| ||
Issue service is based on the following GraphQL command:
|
Expand | ||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ||||||||||||||||
Once the collector has been launched, it is important to check if the ingestion is performed in a proper way. To do so, go to the collector’s logs console. This service has the following components:
Setup outputA successful run has the following output messages for the setup module:
Puller outputA successful initial run has the following output messages for the puller module:
After a successful collector’s execution (that is, no error logs found), you will see the following log message:
Note that a
|
CloudConfiguration Service
Expand | ||
---|---|---|
| ||
All events of this service are ingested into the table |
...
Expand | ||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ||||||||||||||||
Once the collector has been launched, it is important to check if the ingestion is performed in a proper way. To do so, go to the collector’s logs console. This service has the following components:
Setup outputA successful run has the following output messages for the setup module:
Puller outputA successful initial run has the following output messages for the puller module:
After a successful collector’s execution (that is, no error logs found), you will see the following log message:
Note that a
|
...