Metadata about email messages processed by the Agari service.
/v1/ep/messages
mail.agari.phishing_defense.messages
Policy events
Details on policy events triggered by the Agari service.
/v1/ep/policy_events
mail.agari.phishing_defense.policy_events
Configuration
In order to configure the Devo Agari Phishing Defense integration you need to:
...
For security purposes, the client_secret will not be displayed again, however, you can generate a new one whenever needed by following the steps above.
Running the collector
This collector is hosted by Devo. To start using it, get in touch with us.We use a piece of software called Collector Server to host and manage all our available collectors.
To enable the collector for a customer:
In the Collector ServerGUI, access the domain in which you want this instance to be created
In the Collector Name field, set the value you prefer (this name must be unique inside the same Collector Server domain).
In the sending method select Direct Send. Direct Send configuration is optional for collectors that create Table events, but mandatory for those that create Lookups.
In the Parameters section, establish the Collector Parameters as follows below:
All defined service entities will be executed by the collector. If you do not want to run any of them, just remove the entity from the services object.
...
Change log
Release
Released on
Release type
Details
Recommendations
v1.2.0
Aug 29, 2023
Status
colour
Yellow
title
IMPROVEMENTS
Upgraded DCSDK from 1.1.4 to 1.9.2
Store lookup instances into DevoSender to avoid creation of new instances for the same lookup
Ensure service_config is a dict into templates
Ensure special characters are properly sent to the platform
Changed log level to some messages from info to debug
Changed some wrong log messages
Upgraded some internal dependencies
Changed queue passed to setup instance constructor
Added log traces for knowing the execution environment status (debug mode)
Fixes in the current puller template version
Improved log trace details when runtime exceptions happen
Refactored source code structure
New “templates” functionality
Functionality for detecting some system signals for starting the controlled stopping
Input objects sends again the internal messages to devo.collectors.out table
Upgraded DevoSDK to version 3.6.4 to fix a bug related to a connection loss with Devo
Refactored source code structure
Changed way of executing the controlled stopping
Minimized probabilities of suffering a DevoSDK bug related to “sender” to be null
Ability to validate collector setup and exit without pulling any data
Ability to store in the persistence the messages that couldn’t be sent after the collector stopped
Ability to send messages from the persistence when the collector starts and before the puller begins working
Ensure special characters are properly sent to the platform
Added a lock to enhance sender object
Added new class attrs to the setstate and getstate queue methods
Fix sending attribute value to the setstate and getstate queue methods
Added log traces when queues are full and have to wait
Added log traces of queues time waiting every minute in debug mode
Added method to calculate queue size in bytes
Block incoming events in queues when there are no space left
Send telemetry events to Devo platform
Upgraded internal Python dependency Redis to v4.5.4
Upgraded internal Python dependency DevoSDK to v5.1.3
Fixed obfuscation not working when messages are sent from templates
New method to figure out if a puller thread is stopping
Upgraded internal Python dependency DevoSDK to v5.0.6
Improved logging on messages/bytes sent to Devo platform
Fixed wrong bytes size calculation for queues
New functionality to count bytes sent to Devo Platform (shown in console log)
Upgraded internal Python dependency DevoSDK to v5.0.4
Fixed bug in persistence management process, related to persistence reset
Aligned source code typing to be aligned with Python 3.9.x
Inject environment property from user config
Obfuscation service can be now configured from user config and module definiton
Obfuscation service can now obfuscate items inside arrays
Ensure special characters are properly sent to the platform
Changed log level to some messages from info to debug
Changed some wrong log messages
Upgraded some internal dependencies
Changed queue passed to setup instance constructor
Upgrade internal dependencies
Recommended version
v1.1.0
Status
colour
Green
title
FEATURES
Status
colour
Yellow
title
VULNS
This release includes the following changes:
The resilience has been improved with a new feature that restart the collector when the Devo connections is lost and it cannot be recovered.
All critical and high vulnerabilities have been mitigated.