The following are key concepts and are important to understanding how the Devo Platform works.
Activeboard
Activeboards are an update of Devo dashboards that simplify the process of creating and managing visual representations of query results. Users with the required role permissions will see the Activeboards option in the navigation pane. See Activeboards for more information.
Aggregation
An aggregation, also called an aggregate operation, performs a calculation on a set of values in a query. In Devo, this is the calculation that is run on values in grouped events—like a sum, average, minimum, maximum, or similar. The result of the calculation appears in a new table column. For more information, see Aggregate data.
Aggregation task
An aggregation task is a process that Devo runs periodically to perform calculations in queries that are needed to feed widgets or applications. These tasks can be reviewed and managed in the Data Management area of the Administration menu. For more information, see Create a new aggregation task.
Alert
Alerts are messages that can be configured to notify users when given conditions are met in a query. Alerts can be either real-time or scheduled, and they can be distributed using different delivery methods and according to schedules defined in sending policies. For more information, see Alerts and Notifications.
API
Application Programming Interface. A set of defined methods of communication among various components. Devo uses APIs to help users easily analyze and get their data. See API reference to learn more.
Chart
Charts are graphical representations of information intended to make it easier to understand. You can build charts based on specific query data directly in the search window. Devo offers a rich gallery of charts you can use depending on your needs.
Collector
Collectors are pieces of software provided by Devo that allow users to easily send data from some specific products to Devo. You only need to install the collector in your machine, configure it and start sending data.
Dashboard
Dashboards are visual representations of the results of your search queries through widgets updated in real-time. There is a great variety of widgets available to represent the data in different ways.
Data table
A data table is the result of passing the received data through a parser, and represents a group of events associated to a specific tag. Events are displayed in rows with data parsed into fields, which appear in columns. Each column is assigned a specified data type such as string, integer, etc. After running a search, you will be taken to the search window, where you can visualize and work with the data table displaying the events in the selected tag. See Working in the search window for more information.
Domain
Domains are environments that enable access to different subsets of the data in your organization. Your company can have one or more domains, and a user can be granted access to just one or to more domains as needed. If you have access to multiple domains, you will be prompted to select the domain you want to enter during the login process. Read Sign up and log in for further information.
Event
An event is a single collection of data, just like a record in a log file. In Devo, all events are assigned tags to identify some key characteristics and to group them into virtual data tables in Devo. This way, you can select a tag to see all the events it includes and visualize and work with them in the corresponding data table.
Filter
Apply filters to data tables to isolate or exclude specified field values. Filters offer several operations you can use to get the data you need.
Graphical correlation
This process makes it possible to create charts that join two or more queries based on a common data field. For more information, see Graphical correlation.
Group
Events in a data table can be easily grouped by time periods to facilitate analysis. Grouping is required in order to subsequently apply aggregation operations to the data. See the Group data article for more information.
Lookups
Lookups, also called lookup tables, enable you to enrich your data by correlating key fields in the query and lookup and inserting new information that the lookup provides. Lookups can be created from external data that you upload in CSV format, or they can be created from query data. See Data enrichment for more information.
Parser
The Devo Platform is equipped to receive, store, and parse events seamlessly and securely from a wide range of commercial data sources, including operating systems, networking infrastructure devices, business applications, and more. Each data source, or supported technology, is assigned a Devo tag that must be attached to each event when it is delivered to the Devo Cloud. This tag is a critical part of what makes Devo so powerful and fast as it determines how Devo will store and retrieve the events for display. This is what we know as a parser; a technology that organizes raw events stored in a tag in different columns and display them in the corresponding table.
See the complete list of Devo parsers here.
Query
A query is the definition of the specific data you want to get after running a search, applying all the required operations in a data table such as filters, grouping data, or performing data aggregation. You can build your queries by manipulating the table data in the Devo search window, or writing them directly using the LINQ language.
After running a search, your query includes all the operations performed from the current stage to the first one. Go to Building a query to learn more.
Relay
The Devo Relay is an application that resides within your secure network and is used to receive event data, apply rules that can filter or tag events, and forward events securely to your domain in the Devo Cloud. The Devo Relay is especially useful when you cannot apply Devo tags to events in the source system or when the source system is not capable of sending events with adequate security. Learn more in Devo Relay.
Roles
A user's role controls the access the user will have to features, functionalities, applications, dashboards, and panels. In Devo, user roles are cumulative. This means that if you have been assigned multiple roles, your permissions will be the sum of all the roles combined. There are two default roles in every Devo domain: Admin for full access and No Privileges for limited access.
You can create any number of custom roles in order to control the access your users have to features and resources in the domain. For more information, see Users and roles.
Search
A search is composed of all the different query paths you create after accessing a data table, by applying operations to transform your data. In Devo, you can run a search in the Data Search area. See Searching data to learn more.
You can easily visualize the whole search tree with its different paths using the Search Tree tool in the search window.
Search window
The search window is where you are taken after running a search. This window displays the associated data in table format and offers an extensive range of operations you can use to filter, transform, and enrich your data and build powerful queries.
Subquery
Subqueries consist of using the result of a query to act as a filter in another query, thus making it possible to use information from different sources in a single consultation.
Tag
Tags are how Devo recognizes an event's data source. Every event must be associated with a Devo tag when it is delivered to the Devo Cloud so that the event can be correctly stored, retrieved, and finally parsed for display. Learn more in About Devo tags.
You can visualize and work with events under a specific tag in the search window by selecting the corresponding tag levels from the Data Search area of the application.
Widget
A widget is any table or chart contained in a dashboard or Activeboard. They are fed by regularly updated query data. Go to Working with Activeboard widgets to learn more.