Document toolboxDocument toolbox

Application: Devo 360 for Crowdstrike

[ 1 Purpose ] [ 2 Prerequisites ] [ 3 Open app ] [ 4 Use app ]

Purpose

The Devo 360 for CrowdStrike application is a pre-built knowledge base of dashboards and alerts that delivers real-time visibility and expedites analysis of Devo users’ CrowdStrike infrastructures. It helps you use the Devo Platform to optimize resources and detect threats targeting your Crowdstrile infrastructure.

Prerequisites

To use the Devo 360 Crowdstrike, you must have the following data sources available on your domain:

  • edr.crowdstrike.canon learn more

  • edr.crowdstrike.cannon.networkconnectip4 learn more

  • edr.crowdstrike.cannon.processrollup2 learn more

  • edr.crowdstrike.dnsrequest learn more

  • edr.crowdstrike.falconstreaming learn more

  • error_warning_danger_stop_fillededr.crowdstrike.falconstreaming.detection_summary learn more

  • edr.crowdstrike.falconstreaming.auth_activity learn more

  • edr.crowdstrike.falconstreaming.incide learn more

  • error_warning_danger_stop_fillededr.crowdstrike.falconstreaming.user_a learn more

  • edr.crowdstrike.falconstreaming.user_activity_quarantined_files learn more

Open app

Once the app has been installed, you can use the Open button at the top right of the card in Exchange to access it and use it as intended. You can also access the app via the Navigation pane.

Use app

Once inside the app, you can use it as required. Refer to Devo 360 for Crowdstrike for a detailed walkthrough.