Versions Compared

Old Version 7

changes.mady.by.user Juan Tomás Alonso Nieto

Saved on

compared with

New Version 8

changes.mady.by.user Juan Tomás Alonso Nieto

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

There are two different types of ELBs:

syslog ELB

You can use this ELB to send your events directly to Devo using the syslog protocol. To do it, you have to use TLS client auth using your domain certificate.

You can check the ELB endpoint associated with your Devo deployment in Administration → Relays and ELBs → Event load balancers (ELBs).

Image Removed
Image Added

Click the ... icon that appears when you hover over it and select Download the certificate to get the required certificates. You will be taken to the Administration → Credentials → X.509 certificates screen, where you must download the certificate, private key, and chain.

Learn more about X.509 certificates in this article.

Image Modified

HTTP ELB

You can send your events to Devo using an HTTP endpoint.

To authorize the process, you must generate a token in Devo, and then send the HTTP request to the required endpoint according to your region. Check the available HTTP endpoints and instructions to generate the required token and send the events in this article.

Endpoint Agent

The Devo Endpoint Agent is a multi-platform and multi-purpose endpoint monitoring solution that allows Devo customers to recollect a variety of datasets sitting in their infrastructure, process them in an efficient way, and create a comprehensive view that spans multiple applications and use cases in areas such as security monitoring, IT health and performance monitoring or capacity planning.

...

Check the list of most common collectors we have defined and how to work with them in this list.

Cloud Collector

The Cloud Collector application allows customers to see and manage all the collectors installed in their domains in one place.

Learn more about the Cloud Collector

Event sources

Every data source is unique and so are the procedures for setting them up to send events to the Devo endpoint, whether that's the Devo Relay or the Devo Cloud. For the purposes of providing configuration instructions, we can divide the event sources into several groups:

...

Because every deployment environment is unique with its own policies and preferred data management tools, we do not restrict you to any single way of sending data. As long as the data is sent securely and with the correct Devo tag, you can choose how you prefer to send the data. 

Note

Note that for TLS 1.2, the following cipher suites are not allowed:

  • TLS_RSA_WITH_AES_256_CBC_SHA256

  • TLS_RSA_WITH_AES_128_CCM

  • TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384

  • TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256

  • TLS_RSA_WITH_AES_256_GCM_SHA384

  • TLS_RSA_WITH_AES_128_CBC_SHA256

  • TLS_RSA_WITH_AES_128_GCM_SHA256

  • TLS_RSA_WITH_AES_256_CCM

  • TLS_ECDHE_RSA_WITH_ARIA_128_GCM_SHA256

  • TLS_RSA_WITH_ARIA_128_GCM_SHA256

  • TLS_RSA_WITH_ARIA_256_GCM_SHA384

  • TLS_RSA_WITH_AES_256_CCM_8

  • TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA

  • TLS_ECDHE_RSA_WITH_ARIA_256_GCM_SHA384

  • TLS_RSA_WITH_AES_128_CCM_8

  • TLS_RSA_WITH_AES_128_CBC_SHA

  • TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA

  • TLS_RSA_WITH_AES_256_CBC_SHA

We provide some general guidelines for using some popular open-source and 3rd-party log collection tools, like NXlog, Fluentd, and Logstash.

...