Pre-integrated query packs
- Anthony Shevlin (Deactivated)
- Juan Tomás Alonso Nieto (Unlicensed)
Devo Universal Agent works based on “packs”—a defined set of queries that will be executed periodically in the targeted endpoints existing in the Devo Universal Manager. While a user can create his/her own queries in the Universal Manager interface, the following table shows the pre-configured packs delivered with the default package. These will be parsed properly in Devo:
Pack name | Queries | Type | Description |
|---|---|---|---|
DevoConfigurationPack | configuration_disk_info | Snapshot | Physical disks of the system |
configuration_windows_software | Snapshot | Software installed list (Windows) | |
configuration_windows_software_choco | Snapshot | Software installed using Choco (Windows) | |
existing_users | Incremental | User list incremental | |
existing_users_snapshot | Snapshot | User list snapshot | |
existing_groups | Incremental | Group list incremental | |
existing_groups_snapshot | Snapshot | Group list snapshot | |
existing_users_groups | Incremental | Correspondence between users and groups | |
existing_users_groups_snapshot | Snapshot | Correspondence between users and groups(snapshot) | |
system_info | Snapshot | Computer identification and hardware info | |
configuration_network | Snapshot | Information about networks in the system | |
operating_system | Snapshot | Operating system information | |
DevoEventsPack | all_windows_events | Incremental | List of Windows Events, tagged by type |
powershell_win_operational_events | Incremental | Powershell (Windows) events, tagged | |
all_linux_syslog_events | Incremental | Events gathered in syslog for linux-based systems | |
DevoStatusPack | logged_in_users | Incremental | Users logged in the system ( incremental ) |
logged_in_users_snapshot | Snapshot | Users logged in the system ( snapshot) | |
running_process_snapshot | Snapshot | Running processes list (snapshot) | |
running_process | Incremental | Running processes (incremental) | |
running_process_metrics | Incremental (no removals) | Details about running processes | |
listening_ports | Snapshot | Open network ports in the system | |
process_open_sockets | Snapshot | Open sockets by processes | |
DevoPerformancePack | devo_systat_cpu | Snapshot | CPU and memory load information |
devo_systat_iodisk | Snapshot | Disk read/write load | |
devo_systat_network | Snapshot | Network sent/receive traffic | |
devo_systat_usagedisk | Snapshot | Disk capacity used and free | |
DevoFetchFilesPack | files_content | Snapshot | Last file contents read by fetchfiles |
ffext_files_info | Snapshot | Files and folders to process by fetchfiles | |
ffext_files_config | Snapshot | Fetchfiles configuration |
Packs created outside of this table may not be parsed properly and information will end up in the table box.devo_ua.unknown