{"type":"doc","content":[{"type":"extension","attrs":{"layout":"default","extensionType":"com.atlassian.confluence.macro.core","extensionKey":"toc","parameters":{"macroParams":{"minLevel":{"value":"2"},"maxLevel":{"value":"2"},"type":{"value":"flat"}},"macroMetadata":{"macroId":{"value":"812af86120b7d64463b747ac09afa7ed"},"schemaVersion":{"value":"1"},"title":"Table of Contents"}},"localId":"72c9b4a1-f493-4b84-b268-16358df35c8b"}},{"type":"heading","attrs":{"level":2},"content":[{"text":"Overview","type":"text"}]},{"type":"paragraph","content":[{"text":"The Fastly Next-Gen WAF (powered by Signal Sciences) is a web application firewall that monitors for suspicious and anomalous web traffic and protects, in real-time, against attacks directed at the applications and origin servers that you specify.","type":"text"}]},{"type":"table","attrs":{"layout":"default","width":760.0,"localId":"0ab3b2ef-2f2a-4b04-9967-e08c1200cb68"},"content":[{"type":"tableRow","content":[{"type":"tableHeader","attrs":{"colspan":1,"rowspan":1,"colwidth":[376.0]},"content":[{"type":"paragraph","content":[{"text":"Feature","type":"text","marks":[{"type":"strong"}]}]}]},{"type":"tableHeader","attrs":{"colspan":1,"rowspan":1,"colwidth":[382.0]},"content":[{"type":"paragraph","content":[{"text":"Details","type":"text","marks":[{"type":"strong"}]}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[376.0]},"content":[{"type":"paragraph","content":[{"text":"Allow parallel downloading (","type":"text"},{"text":"multipod","type":"text","marks":[{"type":"code"}]},{"text":")","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[382.0]},"content":[{"type":"paragraph","content":[{"text":"not allowed","type":"text","marks":[{"type":"code"}]}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[376.0]},"content":[{"type":"paragraph","content":[{"text":"Running environments","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[382.0]},"content":[{"type":"bulletList","content":[{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"collector server","type":"text","marks":[{"type":"code"}]}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"on-premise","type":"text","marks":[{"type":"code"}]}]}]}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[376.0]},"content":[{"type":"paragraph","content":[{"text":"Populated Devo events","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[382.0]},"content":[{"type":"paragraph","content":[{"text":"table","type":"text","marks":[{"type":"code"}]}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[376.0]},"content":[{"type":"paragraph","content":[{"text":"Flattening preprocessing","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[382.0]},"content":[{"type":"paragraph","content":[{"text":"no","type":"text","marks":[{"type":"code"}]}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[376.0]},"content":[{"type":"paragraph","content":[{"text":"Allowed source events obfuscation","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[382.0]},"content":[{"type":"paragraph","content":[{"text":"yes","type":"text","marks":[{"type":"code"}]}]}]}]}]},{"type":"heading","attrs":{"level":2},"content":[{"text":"Data sources","type":"text"}]},{"type":"table","attrs":{"layout":"default","width":760.0,"localId":"9435c4ed-b468-41be-9313-494ec9731a76"},"content":[{"type":"tableRow","content":[{"type":"tableHeader","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"Data source","type":"text","marks":[{"type":"strong"}]}]}]},{"type":"tableHeader","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"Description","type":"text","marks":[{"type":"strong"}]}]}]},{"type":"tableHeader","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"API endpoint","type":"text","marks":[{"type":"strong"}]}]}]},{"type":"tableHeader","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"Collector service name","type":"text","marks":[{"type":"strong"}]}]}]},{"type":"tableHeader","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"Devo table","type":"text","marks":[{"type":"strong"}]}]}]},{"type":"tableHeader","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"Available from release","type":"text","marks":[{"type":"strong"}]}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"List corp activity events","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"Lists activity events for a corporation.","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"api/v0/corps/{corpName}/activity","type":"text","marks":[{"type":"code"}]}]},{"type":"paragraph"}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"corp_activity_events","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"waf.fastly.nextgen_waf.corp_activity.{corpName}.{site}","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"v1.0.0","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"List site activity events","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"Lists activity events of a corporation for a given site.","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"api/v0/corps/{corpName}/sites/{siteName}/analytics/events","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"site_activity_events","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"waf.fastly.nextgen_waf.site_activity.{corpName}.{site}","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"v1.0.0","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"List corp events.","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"Lists all events of a corporation for a given site.","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"api/v0/corps/{corpName}/sites/{siteName}/events","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"corp_events","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"waf.fastly.nextgen_waf.corp_event.{corpName}.{site}","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"v1.0.0","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"Get request feed.","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"Lists all of a corporation's request feed data for a given site.","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"api/v0/corps/{corpName}/sites/{siteName}/feed/requests","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"feed_requests","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"waf.fastly.nextgen_waf.request_feed.{corpName}.{site}","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"v1.0.0","type":"text"}]}]}]}]},{"type":"paragraph","content":[{"text":"For more information on how the events are parsed, ","type":"text"},{"text":"visit our page","type":"text","marks":[{"type":"link","attrs":{"href":"https://devodocs.atlassian.net/wiki/spaces/latest/pages/414023696"}}]},{"text":".","type":"text"}]},{"type":"heading","attrs":{"level":2},"content":[{"text":"Vendor setup","type":"text"}]},{"type":"paragraph","content":[{"text":"You must have a Fasly Next-Gen WAF account. For information on how to create an account check ","type":"text"},{"text":"this guide","type":"text","marks":[{"type":"link","attrs":{"href":"https://docs.fastly.com/en/ngwaf/start-here"}}]},{"text":".","type":"text"}]},{"type":"paragraph","content":[{"text":"With the creation of the account you will get:","type":"text"}]},{"type":"bulletList","content":[{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"User email: The user's email to configure the collector.","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Corporation: It is a necessary parameter to configure the collector. It is provided by the Fastly Next-Gen WAF team during account creation.","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Site: It is a necessary parameter to configure the collector. It is provided by the Fastly Next-Gen WAF team during account creation.","type":"text"}]}]}]},{"type":"paragraph","content":[{"text":"To generate the required API access token, follow these steps:","type":"text"}]},{"type":"orderedList","attrs":{"order":1},"content":[{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Log in to the Fastly console ","type":"text"},{"text":"here","type":"text","marks":[{"type":"link","attrs":{"href":"https://manage.fastly.com/auth/sign-in?returnTo=%2F"}}]},{"text":".","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"From the ","type":"text"},{"text":"My Profile","type":"text","marks":[{"type":"strong"}]},{"text":" menu, select API access tokens.","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Click ","type":"text"},{"text":"Add API","type":"text","marks":[{"type":"strong"}]},{"text":" access token.","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"In the ","type":"text"},{"text":"Token","type":"text","marks":[{"type":"strong"}]},{"text":" name field, enter a name to identify the access token.","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Click ","type":"text"},{"text":"Create API access token","type":"text","marks":[{"type":"strong"}]},{"text":".","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Record the token in a secure location for your use.","type":"text"}]}]}]},{"type":"panel","attrs":{"panelType":"warning"},"content":[{"type":"paragraph","content":[{"text":"Note that this is the only time the token will be visible. Record the token and keep it secure. For your security, it will not appear in the console.","type":"text"}]}]},{"type":"orderedList","attrs":{"order":7},"content":[{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Click ","type":"text"},{"text":"Continue","type":"text","marks":[{"type":"strong"}]},{"text":" to finish creating the token.","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Copy the token to set the collector's ","type":"text"},{"text":"api_token","type":"text","marks":[{"type":"code"}]},{"text":" parameter.","type":"text"}]}]}]},{"type":"paragraph","content":[{"text":"For more information check ","type":"text"},{"text":"this article","type":"text","marks":[{"type":"link","attrs":{"href":"https://docs.fastly.com/en/ngwaf/using-our-api"}}]},{"text":".","type":"text"}]},{"type":"heading","attrs":{"level":2},"content":[{"text":"Minimum configuration required for basic pulling","type":"text"}]},{"type":"paragraph","content":[{"text":"Although this collector supports advanced configuration, the fields required to retrieve data with basic configuration are defined below.","type":"text"}]},{"type":"panel","attrs":{"panelType":"info"},"content":[{"type":"paragraph","content":[{"text":"This minimum configuration refers exclusively to those specific parameters of this integration. There are more required parameters related to the generic behavior of the collector. Check setting sections for details.","type":"text"}]}]},{"type":"table","attrs":{"layout":"default","width":760.0,"localId":"c367918c-a9ae-4aa7-a39b-13c962a20ba0"},"content":[{"type":"tableRow","content":[{"type":"tableHeader","attrs":{"colspan":1,"rowspan":1,"colwidth":[225.0]},"content":[{"type":"paragraph","content":[{"text":"Setting","type":"text","marks":[{"type":"strong"}]}]}]},{"type":"tableHeader","attrs":{"colspan":1,"rowspan":1,"colwidth":[533.0]},"content":[{"type":"paragraph","content":[{"text":"Details","type":"text","marks":[{"type":"strong"}]}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[225.0]},"content":[{"type":"paragraph","content":[{"text":"user_email","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[533.0]},"content":[{"type":"paragraph","content":[{"text":"The username for the Next-Gen WAF API. ","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[225.0]},"content":[{"type":"paragraph","content":[{"text":"api_token","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[533.0]},"content":[{"type":"paragraph","content":[{"text":"The API Token for the Next-Gen WAF API.. To find out how to get it, see the Vendor Setup guide.","type":"text"}]}]}]}]},{"type":"panel","attrs":{"panelType":"info"},"content":[{"type":"paragraph","content":[{"text":"See the ","type":"text"},{"text":"Accepted authentication methods","type":"text","marks":[{"type":"strong"}]},{"text":" section to verify what settings are required based on the desired authentication method.","type":"text"}]}]},{"type":"heading","attrs":{"level":2},"content":[{"text":"Accepted authentication methods","type":"text"}]},{"type":"table","attrs":{"layout":"default","width":760.0,"localId":"965e5611-537f-4d4b-97d1-396ef26e8c12"},"content":[{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"background":"#f4f5f7","rowspan":1,"colwidth":[430.0]},"content":[{"type":"paragraph","content":[{"text":"Authentication method","type":"text","marks":[{"type":"strong"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"background":"#f4f5f7","rowspan":1,"colwidth":[328.0]},"content":[{"type":"paragraph","content":[{"text":"API Token","type":"text","marks":[{"type":"strong"}]}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[430.0]},"content":[{"type":"paragraph","content":[{"text":"user_email","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[328.0]},"content":[{"type":"paragraph","content":[{"text":"Required","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[430.0]},"content":[{"type":"paragraph","content":[{"text":"api_token","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[328.0]},"content":[{"type":"paragraph","content":[{"text":"Required","type":"text"}]}]}]}]},{"type":"heading","attrs":{"level":2},"content":[{"text":"Run the collector","type":"text"}]},{"type":"paragraph","content":[{"text":"Once the data source is configured, you can either send us the required information if you want us to host and manage the collector for you (","type":"text"},{"text":"Cloud collector","type":"text","marks":[{"type":"underline"}]},{"text":"), or deploy and host the collector in your own machine using a Docker image (","type":"text"},{"text":"On-premise collector","type":"text","marks":[{"type":"underline"}]},{"text":").We use a piece of software called Collector Server to host and manage all our available collectors.","type":"text"}]},{"type":"paragraph","content":[{"text":"To enable the collector for a customer:","type":"text"}]},{"type":"orderedList","attrs":{"order":1},"content":[{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"In the ","type":"text"},{"text":"Collector Server","type":"text","marks":[{"type":"strong"}]},{"text":" ","type":"text"},{"text":"GUI","type":"text","marks":[{"type":"strong"}]},{"text":", access the ","type":"text"},{"text":"domain","type":"text","marks":[{"type":"strong"}]},{"text":" in which you want this instance to be created","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Click ","type":"text"},{"text":"Add Collector","type":"text","marks":[{"type":"strong"}]},{"text":" and find the one you wish to add.","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"In the ","type":"text"},{"text":"Version","type":"text","marks":[{"type":"strong"}]},{"text":" field, select the latest value.","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"In the ","type":"text"},{"text":"Collector Name","type":"text","marks":[{"type":"strong"}]},{"text":" field, set the value you prefer (this name must be unique inside the same Collector Server domain).","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"In the sending method select ","type":"text"},{"text":"Direct Send. Direct Send","type":"text","marks":[{"type":"strong"}]},{"text":" configuration is optional for collectors that create ","type":"text"},{"text":"Table","type":"text","marks":[{"type":"code"}]},{"text":" events, but mandatory for those that create ","type":"text"},{"text":"Lookups","type":"text","marks":[{"type":"code"}]},{"text":".","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"In the ","type":"text"},{"text":"Parameters","type":"text","marks":[{"type":"strong"}]},{"text":" section, establish the ","type":"text"},{"text":"Collector Parameters","type":"text","marks":[{"type":"strong"}]},{"text":" as follows below:","type":"text"}]}]}]},{"type":"heading","attrs":{"level":3},"content":[{"text":"Editing the JSON configuration","type":"text"}]},{"type":"codeBlock","content":[{"text":"{\n \"global_overrides\": {\n \"debug\": \n },\n \"inputs\": {\n \"fastly\": {\n \"id\": \"\",\n \"corp_name\": \"\",\n \"site\": \"\",\n \"enabled\": true,\n “environment”: “”,\n \"credentials\": {\n \"user_email\": \"\",\n “api_token”\": \"\",\n },\n \"services\": {\n \"corp_activity_events\": {\n \"request_period_in_seconds\": ,\n \"override_tag\": ,\n \"start_time_utc\": \n },\n \"site_activity_events\": {\n \"request_period_in_seconds\": ,\n \"override_tag\": ,\n \"start_time_utc\": \n },\n \"corp_events\": {\n \"request_period_in_seconds\": ,\n \"override_tag\": ,\n \"start_time_utc\": \n },\n \"feed_requests\": {\n \"request_period_in_seconds\": ,\n \"override_tag\": ,\n \"start_time_utc\": \n },\n }\n }\n }\n}","type":"text"}]},{"type":"table","attrs":{"layout":"default","width":760.0,"localId":"d802c0d3-a4a2-4297-b335-b6da61054508"},"content":[{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"background":"#f4f5f7","rowspan":1},"content":[{"type":"paragraph","content":[{"text":"Parameter","type":"text","marks":[{"type":"strong"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"background":"#f4f5f7","rowspan":1},"content":[{"type":"paragraph","content":[{"text":"Data type","type":"text","marks":[{"type":"strong"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"background":"#f4f5f7","rowspan":1},"content":[{"type":"paragraph","content":[{"text":"Type","type":"text","marks":[{"type":"strong"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"background":"#f4f5f7","rowspan":1},"content":[{"type":"paragraph","content":[{"text":"Value Range","type":"text","marks":[{"type":"strong"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"background":"#f4f5f7","rowspan":1},"content":[{"type":"paragraph","content":[{"text":"Details","type":"text","marks":[{"type":"strong"}]}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"collector_name","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"str","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"Mandatory","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"Minimum length: 1","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"Use this param to give a name to this collector.","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"devo_address","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"str","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"Mandatory","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"collector-us.devo.io","type":"text","marks":[{"type":"link","attrs":{"href":"http://collector-us.devo.io"}}]},{"text":" ","type":"text"}]},{"type":"paragraph","content":[{"text":"collector-eu.devo.io","type":"text","marks":[{"type":"link","attrs":{"href":"http://collector-eu.devo.io"}}]},{"text":" ","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"Use this parameter to identify the Devo Cloud where the events will be sent.","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"chain_filename","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"str","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"Mandatory","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"minimum length: 4","type":"text"}]},{"type":"paragraph","content":[{"text":"maximum length: 20","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"Use this parameter to identify the chain.cert file downloaded from your Devo domain. Usually this file's name is: chain.crt.","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"cert_filename","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"str","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"Mandatory","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"minimum length: 4","type":"text"}]},{"type":"paragraph","content":[{"text":"maximum length: 20","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"Use this parameter to identify the file.cert downloaded from your Devo domain.","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"key_filename","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"str","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"Mandatory","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"minimum length: 4","type":"text"}]},{"type":"paragraph","content":[{"text":"maximum length: 20","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"Use this parameter to identify the file.key downloaded from your Devo domain.","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"short_unique_id","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"int","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"Mandatory","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"Minimum length: 1","type":"text"}]},{"type":"paragraph","content":[{"text":"Maximum length: 5","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"Use this param to give an unique id to this input service.","type":"text"}]},{"type":"panel","attrs":{"panelType":"warning"},"content":[{"type":"paragraph","content":[{"text":"This parameter is used to build the persistence address, do not use the same value for multiple collectors. It could cause a collision.","type":"text"}]}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"corp_name_value","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"int","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"Mandatory","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"Minimum length: 1","type":"text"}]},{"type":"paragraph"}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"The corporation for the Next-Gen WAF API. To find out how to get it, see the ","type":"text"},{"text":"Vendor Setup guide","type":"text","marks":[{"type":"strong"}]},{"text":"..","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"site_value","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"int","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"Mandatory","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"Minimum length: 1","type":"text"}]},{"type":"paragraph"}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"The site for the Next-Gen WAF API. To find out how to get it, see the ","type":"text"},{"text":"Vendor Setup guide","type":"text","marks":[{"type":"strong"}]},{"text":"..","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"environment_value","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"str","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"Optional","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"Minimum length: 1","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"This is an optional control parameter that is injected into the events and allows to differentiate the environment. For example: dev and prod.","type":"text"}]},{"type":"panel","attrs":{"panelType":"info"},"content":[{"type":"paragraph","content":[{"text":"This parameter should be removed if it is not used.","type":"text"}]}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"user_email_value","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"str","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"Mandatory","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"Minimum length: 1","type":"text"}]},{"type":"paragraph"}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"The user email for the Next-Gen WAF API. To find out how to get it, see the ","type":"text"},{"text":"Vendor Setup guide","type":"text","marks":[{"type":"strong"}]},{"text":".","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"api_token_value","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"str","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"Mandatory","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"Minimum length: 1","type":"text"}]},{"type":"paragraph"}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"The api_token for the Next-Gen WAF API. To find out how to get it, see the ","type":"text"},{"text":"Vendor Setup guide","type":"text","marks":[{"type":"strong"}]},{"text":".","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"override_tag_value","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"str","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"Optional","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"Devo tag-friendly string (no special characters, spaces, etc.) For more information see ","type":"text"},{"text":"Devo Tags","type":"text","marks":[{"type":"underline"},{"type":"link","attrs":{"href":"https://docs.devo.com/space/latest/95126204/About%20Devo%20tags"}}]},{"text":".","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"An optional tag that allows users to override the service default tags.","type":"text"}]},{"type":"panel","attrs":{"panelType":"info"},"content":[{"type":"paragraph","content":[{"text":"This parameter can be removed or commented.","type":"text"}]}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"start_time_utc_value","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"str","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"Optional","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"UTC datetime string having datetime string format %Y-%m-%dT%H:%M:%SZ","type":"text"}]},{"type":"paragraph","content":[{"text":" (e.g., “2023-07-11T01:23:01Z”)","type":"text"}]},{"type":"panel","attrs":{"panelType":"info"},"content":[{"type":"paragraph","content":[{"text":"Must be within 24 hours to 5 minutes in past for feed_requests servcie.","type":"text"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"This configuration allows you to set a custom date as the beginning of the period to download. This allows downloading historical data (one month back for example) before downloading new events.","type":"text"}]},{"type":"panel","attrs":{"panelType":"info"},"content":[{"type":"paragraph","content":[{"text":"This parameter should be removed if it is not used.","type":"text"}]}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"request_period_in_seconds_value","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"int","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"Optional","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"minimum length: 1","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"Period in seconds used between each data pulling. This value will overwrite the default value (60 seconds).","type":"text"}]},{"type":"panel","attrs":{"panelType":"info"},"content":[{"type":"paragraph","content":[{"text":"This parameter can be removed or commented.","type":"text"}]}]}]}]}]},{"type":"bodiedExtension","attrs":{"layout":"default","extensionType":"com.atlassian.confluence.macro.core","extensionKey":"rw-ui-tabs-macro","parameters":{"macroParams":{},"macroMetadata":{"macroId":{"value":"6a805bc0-abf6-4d98-987c-6a9164c77642"},"schemaVersion":{"value":"1"},"placeholder":[{"type":"icon","data":{"url":"https://static.dg.refinedtheme.refinedwiki.com/refinedtheme-for-cloud/macro-icons/tab-container.png"}}],"title":"Refined Tab Container"}},"localId":"51a38310-b288-4fb7-a20e-43dcd020e55a"},"content":[{"type":"extension","attrs":{"layout":"default","extensionType":"com.atlassian.confluence.macro.core","extensionKey":"rw-tab","parameters":{"macroParams":{"title":{"value":"Cloud collector"}},"macroMetadata":{"macroId":{"value":"2825992cb366f7c43cdf1373692654dc"},"schemaVersion":{"value":"1"},"placeholder":[{"type":"icon","data":{"url":"https://static.dg.refinedtheme.refinedwiki.com/refinedtheme-for-cloud/macro-icons/tab.png"}}],"title":"Refined Tab"}},"localId":"1747fb70-d41e-4456-bc39-11c522fd0f56"}},{"type":"paragraph","content":[{"text":"We use a piece of software called Collector Server to host and manage all our available collectors.","type":"text"}]},{"type":"paragraph","content":[{"text":"To enable the collector for a customer:","type":"text"}]},{"type":"orderedList","attrs":{"order":1},"content":[{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"In the ","type":"text"},{"text":"Collector Server","type":"text","marks":[{"type":"strong"}]},{"text":" ","type":"text"},{"text":"GUI","type":"text","marks":[{"type":"strong"}]},{"text":", access the ","type":"text"},{"text":"domain","type":"text","marks":[{"type":"strong"}]},{"text":" in which you want this instance to be created","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Click ","type":"text"},{"text":"Add Collector","type":"text","marks":[{"type":"strong"}]},{"text":" and find the one you wish to add.","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"In the ","type":"text"},{"text":"Version","type":"text","marks":[{"type":"strong"}]},{"text":" field, select the latest value.","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"In the ","type":"text"},{"text":"Collector Name","type":"text","marks":[{"type":"strong"}]},{"text":" field, set the value you prefer (this name must be unique inside the same Collector Server domain).","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"In the sending method select ","type":"text"},{"text":"Direct Send. Direct Send","type":"text","marks":[{"type":"strong"}]},{"text":" configuration is optional for collectors that create ","type":"text"},{"text":"Table","type":"text","marks":[{"type":"code"}]},{"text":" events, but mandatory for those that create ","type":"text"},{"text":"Lookups","type":"text","marks":[{"type":"code"}]},{"text":".","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"In the ","type":"text"},{"text":"Parameters","type":"text","marks":[{"type":"strong"}]},{"text":" section, establish the ","type":"text"},{"text":"Collector Parameters","type":"text","marks":[{"type":"strong"}]},{"text":" as follows below:","type":"text"}]}]}]},{"type":"heading","attrs":{"level":3},"content":[{"text":"Editing the JSON configuration","type":"text"}]},{"type":"codeBlock","content":[{"text":"{\n \"global_overrides\": {\n \"debug\": \n },\n \"inputs\": {\n \"fastly\": {\n \"id\": \"\",\n \"corp_name\": \"\",\n \"site\": \"\",\n \"enabled\": true,\n “environment”: “”,\n \"credentials\": {\n \"user_email\": \"\",\n “api_token”\": \"\",\n },\n \"services\": {\n \"corp_activity_events\": {\n \"request_period_in_seconds\": ,\n \"override_tag\": ,\n \"start_time_utc\": \n },\n \"site_activity_events\": {\n \"request_period_in_seconds\": ,\n \"override_tag\": ,\n \"start_time_utc\": \n },\n \"corp_events\": {\n \"request_period_in_seconds\": ,\n \"override_tag\": ,\n \"start_time_utc\": \n },\n \"feed_requests\": {\n \"request_period_in_seconds\": ,\n \"override_tag\": ,\n \"start_time_utc\": \n },\n }\n }\n }\n}","type":"text"}]},{"type":"table","attrs":{"layout":"default","localId":"d875d6ad-27ab-41c8-93f3-94b61f4fca53"},"content":[{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"background":"#f4f5f7","rowspan":1},"content":[{"type":"paragraph","content":[{"text":"Parameter","type":"text","marks":[{"type":"strong"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"background":"#f4f5f7","rowspan":1},"content":[{"type":"paragraph","content":[{"text":"Data type","type":"text","marks":[{"type":"strong"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"background":"#f4f5f7","rowspan":1},"content":[{"type":"paragraph","content":[{"text":"Type","type":"text","marks":[{"type":"strong"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"background":"#f4f5f7","rowspan":1},"content":[{"type":"paragraph","content":[{"text":"Value Range","type":"text","marks":[{"type":"strong"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"background":"#f4f5f7","rowspan":1},"content":[{"type":"paragraph","content":[{"text":"Details","type":"text","marks":[{"type":"strong"}]}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"collector_name","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"str","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"Mandatory","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"Minimum length: 1","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"Use this param to give a name to this collector.","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"devo_address","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"str","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"Mandatory","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"collector-us.devo.io","type":"text","marks":[{"type":"link","attrs":{"href":"http://collector-us.devo.io"}}]},{"text":" ","type":"text"}]},{"type":"paragraph","content":[{"text":"collector-eu.devo.io","type":"text","marks":[{"type":"link","attrs":{"href":"http://collector-eu.devo.io"}}]},{"text":" ","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"Use this parameter to identify the Devo Cloud where the events will be sent.","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"chain_filename","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"str","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"Mandatory","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"minimum length: 4","type":"text"}]},{"type":"paragraph","content":[{"text":"maximum length: 20","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"Use this parameter to identify the chain.cert file downloaded from your Devo domain. Usually this file's name is: chain.crt.","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"cert_filename","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"str","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"Mandatory","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"minimum length: 4","type":"text"}]},{"type":"paragraph","content":[{"text":"maximum length: 20","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"Use this parameter to identify the file.cert downloaded from your Devo domain.","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"key_filename","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"str","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"Mandatory","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"minimum length: 4","type":"text"}]},{"type":"paragraph","content":[{"text":"maximum length: 20","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"Use this parameter to identify the file.key downloaded from your Devo domain.","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"short_unique_id","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"int","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"Mandatory","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"Minimum length: 1","type":"text"}]},{"type":"paragraph","content":[{"text":"Maximum length: 5","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"Use this param to give an unique id to this input service.","type":"text"}]},{"type":"panel","attrs":{"panelType":"warning"},"content":[{"type":"paragraph","content":[{"text":"This parameter is used to build the persistence address, do not use the same value for multiple collectors. It could cause a collision.","type":"text"}]}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"corp_name_value","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"int","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"Mandatory","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"Minimum length: 1","type":"text"}]},{"type":"paragraph"}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"The corporation for the Next-Gen WAF API. To find out how to get it, see the ","type":"text"},{"text":"Vendor Setup guide","type":"text","marks":[{"type":"strong"}]},{"text":"..","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"site_value","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"int","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"Mandatory","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"Minimum length: 1","type":"text"}]},{"type":"paragraph"}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"The site for the Next-Gen WAF API. To find out how to get it, see the ","type":"text"},{"text":"Vendor Setup guide","type":"text","marks":[{"type":"strong"}]},{"text":"..","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"environment_value","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"str","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"Optional","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"Minimum length: 1","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"This is an optional control parameter that is injected into the events and allows to differentiate the environment. For example: dev and prod.","type":"text"}]},{"type":"panel","attrs":{"panelType":"info"},"content":[{"type":"paragraph","content":[{"text":"This parameter should be removed if it is not used.","type":"text"}]}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"user_email_value","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"str","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"Mandatory","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"Minimum length: 1","type":"text"}]},{"type":"paragraph"}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"The user email for the Next-Gen WAF API. To find out how to get it, see the ","type":"text"},{"text":"Vendor Setup guide","type":"text","marks":[{"type":"strong"}]},{"text":".","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"api_token_value","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"str","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"Mandatory","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"Minimum length: 1","type":"text"}]},{"type":"paragraph"}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"The api_token for the Next-Gen WAF API. To find out how to get it, see the ","type":"text"},{"text":"Vendor Setup guide","type":"text","marks":[{"type":"strong"}]},{"text":".","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"override_tag_value","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"str","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"Optional","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"Devo tag-friendly string (no special characters, spaces, etc.) For more information see ","type":"text"},{"text":"Devo Tags","type":"text","marks":[{"type":"underline"},{"type":"link","attrs":{"href":"https://docs.devo.com/space/latest/95126204/About%20Devo%20tags"}}]},{"text":".","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"An optional tag that allows users to override the service default tags.","type":"text"}]},{"type":"panel","attrs":{"panelType":"info"},"content":[{"type":"paragraph","content":[{"text":"This parameter can be removed or commented.","type":"text"}]}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"start_time_utc_value","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"str","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"Optional","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"UTC datetime string having datetime string format %Y-%m-%dT%H:%M:%SZ","type":"text"}]},{"type":"paragraph","content":[{"text":" (e.g., “2023-07-11T01:23:01Z”)","type":"text"}]},{"type":"panel","attrs":{"panelType":"info"},"content":[{"type":"paragraph","content":[{"text":"Must be within 24 hours to 5 minutes in past for feed_requests servcie.","type":"text"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"This configuration allows you to set a custom date as the beginning of the period to download. This allows downloading historical data (one month back for example) before downloading new events.","type":"text"}]},{"type":"panel","attrs":{"panelType":"info"},"content":[{"type":"paragraph","content":[{"text":"This parameter should be removed if it is not used.","type":"text"}]}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"request_period_in_seconds_value","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"int","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"Optional","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"minimum length: 1","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"Period in seconds used between each data pulling. This value will overwrite the default value (60 seconds).","type":"text"}]},{"type":"panel","attrs":{"panelType":"info"},"content":[{"type":"paragraph","content":[{"text":"This parameter can be removed or commented.","type":"text"}]}]}]}]}]},{"type":"extension","attrs":{"layout":"default","extensionType":"com.atlassian.confluence.macro.core","extensionKey":"rw-tab","parameters":{"macroParams":{"title":{"value":"On-premise collector"}},"macroMetadata":{"macroId":{"value":"0e08d10a084320745cfcad174c481cfb"},"schemaVersion":{"value":"1"},"placeholder":[{"type":"icon","data":{"url":"https://static.dg.refinedtheme.refinedwiki.com/refinedtheme-for-cloud/macro-icons/tab.png"}}],"title":"Refined Tab"}},"localId":"3392ad6b-e017-4587-96ac-e5e9d4459cb2"}},{"type":"paragraph","content":[{"text":"This data collector can be run in any machine that has the Docker service available because it should be executed as a docker container. The following sections explain how to prepare all the required setup for having the data collector running.","type":"text"}]},{"type":"heading","attrs":{"level":3},"content":[{"text":"Structure","type":"text"}]},{"type":"paragraph","content":[{"text":"The following directory structure should be created for being used when running the collector:","type":"text"}]},{"type":"codeBlock","content":[{"text":"\n└── devo-collectors/\n └── /\n ├── certs/\n │ ├── chain.crt\n │ ├── .key\n │ └── .crt\n ├── state/\n └── config/ \n └── config.yaml ","type":"text"}]},{"type":"panel","attrs":{"panelType":"warning"},"content":[{"type":"paragraph","content":[{"text":"Replace ","type":"text"},{"text":"","type":"text","marks":[{"type":"code"}]},{"text":" with the proper value.","type":"text"}]}]},{"type":"heading","attrs":{"level":3},"content":[{"text":"Devo credentials","type":"text"}]},{"type":"paragraph","content":[{"text":"In Devo, go to ","type":"text"},{"text":"Administration → Credentials → X.509 Certificates","type":"text","marks":[{"type":"strong"}]},{"text":", download the ","type":"text"},{"text":"Certificate","type":"text","marks":[{"type":"strong"}]},{"text":", ","type":"text"},{"text":"Private key","type":"text","marks":[{"type":"strong"}]},{"text":" and ","type":"text"},{"text":"Chain CA","type":"text","marks":[{"type":"strong"}]},{"text":" and save them in ","type":"text"},{"text":"/certs/","type":"text","marks":[{"type":"code"}]},{"text":". Learn more about security credentials in Devo ","type":"text"},{"text":"here","type":"text","marks":[{"type":"link","attrs":{"href":"#"}}]},{"text":".","type":"text"}]},{"type":"mediaSingle","attrs":{"layout":"center","width":727,"widthType":"pixel"},"content":[{"type":"media","attrs":{"width":950,"alt":"image-20240205-105224.png","id":"338f3678-a52b-4897-8111-2064187d5dc8","collection":"contentId-488374507","type":"file","height":448}}]},{"type":"panel","attrs":{"panelType":"warning"},"content":[{"type":"paragraph","content":[{"text":"Replace ","type":"text"},{"text":"","type":"text","marks":[{"type":"code"}]},{"text":" with the proper value.","type":"text"}]}]},{"type":"heading","attrs":{"level":3},"content":[{"text":"Editing the config.yaml file","type":"text"}]},{"type":"codeBlock","content":[{"text":"globals:\n debug: false\n id: not_used\n name: \n persistence:\n type: filesystem\n config:\n directory_name: state\noutputs:\n devo_1:\n type: devo_platform\n config:\n address: \n port: 443\n type: SSL\n chain: \n cert: \n key: \ninputs:\n fastly:\n id: \n enabled: true\n environment:: \n corp_name: \n site: \n credentials:\n user_email: \n api_token: \n services:\n corp_activity_events:\n request_period_in_seconds: \n override_tag: \n start_time_utc: \n site_activity_events:\n request_period_in_seconds: \n override_tag: \n start_time_utc: \n corp_events:\n request_period_in_seconds: \n override_tag: \n start_time_utc: \n feed_requests::\n request_period_in_seconds: \n override_tag: \n start_time_utc: ","type":"text"}]},{"type":"panel","attrs":{"panelType":"info"},"content":[{"type":"paragraph","content":[{"text":"All defined service entities will be executed by the collector. If you do not want to run any of them, just remove the entity from the ","type":"text"},{"text":"services","type":"text","marks":[{"type":"code"}]},{"text":" object.","type":"text"}]}]},{"type":"paragraph","content":[{"text":"Replace the placeholders with your required values following the description table below:","type":"text"}]},{"type":"table","attrs":{"layout":"default","localId":"a5d7ab2d-89db-44ef-865f-d10594b38cba"},"content":[{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"background":"#f4f5f7","rowspan":1},"content":[{"type":"paragraph","content":[{"text":"Parameter","type":"text","marks":[{"type":"strong"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"background":"#f4f5f7","rowspan":1},"content":[{"type":"paragraph","content":[{"text":"Data type","type":"text","marks":[{"type":"strong"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"background":"#f4f5f7","rowspan":1},"content":[{"type":"paragraph","content":[{"text":"Type","type":"text","marks":[{"type":"strong"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"background":"#f4f5f7","rowspan":1},"content":[{"type":"paragraph","content":[{"text":"Value Range","type":"text","marks":[{"type":"strong"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"background":"#f4f5f7","rowspan":1},"content":[{"type":"paragraph","content":[{"text":"Details","type":"text","marks":[{"type":"strong"}]}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"collector_name","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"str","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"Mandatory","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"Minimum length: 1","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"Use this param to give a name to this collector.","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"devo_address","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"str","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"Mandatory","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"collector-us.devo.io","type":"text","marks":[{"type":"link","attrs":{"href":"http://collector-us.devo.io"}}]},{"text":" ","type":"text"}]},{"type":"paragraph","content":[{"text":"collector-eu.devo.io","type":"text","marks":[{"type":"link","attrs":{"href":"http://collector-eu.devo.io"}}]},{"text":" ","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"Use this parameter to identify the Devo Cloud where the events will be sent.","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"chain_filename","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"str","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"Mandatory","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"minimum length: 4","type":"text"}]},{"type":"paragraph","content":[{"text":"maximum length: 20","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"Use this parameter to identify the chain.cert file downloaded from your Devo domain. Usually this file's name is: chain.crt.","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"cert_filename","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"str","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"Mandatory","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"minimum length: 4","type":"text"}]},{"type":"paragraph","content":[{"text":"maximum length: 20","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"Use this parameter to identify the file.cert downloaded from your Devo domain.","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"key_filename","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"str","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"Mandatory","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"minimum length: 4","type":"text"}]},{"type":"paragraph","content":[{"text":"maximum length: 20","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"Use this parameter to identify the file.key downloaded from your Devo domain.","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"short_unique_id","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"int","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"Mandatory","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"Minimum length: 1","type":"text"}]},{"type":"paragraph","content":[{"text":"Maximum length: 5","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"Use this param to give an unique id to this input service.","type":"text"}]},{"type":"panel","attrs":{"panelType":"warning"},"content":[{"type":"paragraph","content":[{"text":"This parameter is used to build the persistence address, do not use the same value for multiple collectors. It could cause a collision.","type":"text"}]}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"corp_name_value","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"int","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"Mandatory","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"Minimum length: 1","type":"text"}]},{"type":"paragraph"}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"The corporation for the Next-Gen WAF API. To find out how to get it, see the ","type":"text"},{"text":"Vendor Setup guide","type":"text","marks":[{"type":"strong"}]},{"text":"..","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"site_value","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"int","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"Mandatory","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"Minimum length: 1","type":"text"}]},{"type":"paragraph"}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"The site for the Next-Gen WAF API. To find out how to get it, see the ","type":"text"},{"text":"Vendor Setup guide","type":"text","marks":[{"type":"strong"}]},{"text":"..","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"environment_value","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"str","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"Optional","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"Minimum length: 1","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"This is an optional control parameter that is injected into the events and allows to differentiate the environment. For example: dev and prod.","type":"text"}]},{"type":"panel","attrs":{"panelType":"info"},"content":[{"type":"paragraph","content":[{"text":"This parameter should be removed if it is not used.","type":"text"}]}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"user_email_value","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"str","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"Mandatory","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"Minimum length: 1","type":"text"}]},{"type":"paragraph"}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"The user email for the Next-Gen WAF API. To find out how to get it, see the ","type":"text"},{"text":"Vendor Setup guide","type":"text","marks":[{"type":"strong"}]},{"text":".","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"api_token_value","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"str","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"Mandatory","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"Minimum length: 1","type":"text"}]},{"type":"paragraph"}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"The api_token for the Next-Gen WAF API. To find out how to get it, see the ","type":"text"},{"text":"Vendor Setup guide","type":"text","marks":[{"type":"strong"}]},{"text":".","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"override_tag_value","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"str","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"Optional","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"Devo tag-friendly string (no special characters, spaces, etc.) For more information see ","type":"text"},{"text":"Devo Tags","type":"text","marks":[{"type":"underline"},{"type":"link","attrs":{"href":"https://docs.devo.com/space/latest/95126204/About%20Devo%20tags"}}]},{"text":".","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"An optional tag that allows users to override the service default tags.","type":"text"}]},{"type":"panel","attrs":{"panelType":"info"},"content":[{"type":"paragraph","content":[{"text":"This parameter can be removed or commented.","type":"text"}]}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"start_time_utc_value","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"str","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"Optional","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"UTC datetime string having datetime string format %Y-%m-%dT%H:%M:%SZ","type":"text"}]},{"type":"paragraph","content":[{"text":" (e.g., “2023-07-11T01:23:01Z”)","type":"text"}]},{"type":"panel","attrs":{"panelType":"info"},"content":[{"type":"paragraph","content":[{"text":"Must be within 24 hours to 5 minutes in past for feed_requests servcie.","type":"text"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"This configuration allows you to set a custom date as the beginning of the period to download. This allows downloading historical data (one month back for example) before downloading new events.","type":"text"}]},{"type":"panel","attrs":{"panelType":"info"},"content":[{"type":"paragraph","content":[{"text":"This parameter should be removed if it is not used.","type":"text"}]}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"request_period_in_seconds_value","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"int","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"Optional","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"minimum length: 1","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"Period in seconds used between each data pulling. This value will overwrite the default value (300 seconds).","type":"text"}]},{"type":"panel","attrs":{"panelType":"info"},"content":[{"type":"paragraph","content":[{"text":"This parameter can be removed or commented.","type":"text"}]}]}]}]}]},{"type":"heading","attrs":{"level":3},"content":[{"text":"Download the Docker image","type":"text"}]},{"type":"paragraph","content":[{"text":"The collector should be deployed as a Docker container. Download the Docker image of the collector as a .tgz file by clicking the link in the following table:","type":"text"}]},{"type":"table","attrs":{"layout":"default","localId":"94785be3-54fc-4266-9d73-deee265f1451"},"content":[{"type":"tableRow","content":[{"type":"tableHeader","attrs":{"colspan":1,"rowspan":1,"colwidth":[363.0]},"content":[{"type":"paragraph","content":[{"text":"Collector Docker image","type":"text","marks":[{"type":"strong"}]}]}]},{"type":"tableHeader","attrs":{"colspan":1,"rowspan":1,"colwidth":[363.0]},"content":[{"type":"paragraph","content":[{"text":"SHA-256 hash","type":"text","marks":[{"type":"strong"}]}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[363.0]},"content":[{"type":"paragraph","content":[{"text":"collector-fastly_nextgen_waf_if-docker-image-1.0.0","type":"text","marks":[{"type":"link","attrs":{"href":"https://drive.google.com/file/d/1LqaxZE7gQiVjHssdZZhWs5ucNVsrHQsU/view?usp=drive_link"}}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[363.0]},"content":[{"type":"paragraph","content":[{"text":"dc2a3b404f6b48393333185cb228bfe5133cba07cf44ab03368ad94485b22c2b","type":"text","marks":[{"type":"code"}]}]}]}]}]},{"type":"paragraph","content":[{"text":"Use the following command to add the Docker image to the system:","type":"text"}]},{"type":"codeBlock","content":[{"text":"gunzip -c -.tgz | docker load","type":"text"}]},{"type":"panel","attrs":{"panelType":"warning"},"content":[{"type":"paragraph","content":[{"text":"Once the Docker image is imported, it will show the real name of the Docker image (including version info). Replace ","type":"text"},{"text":"","type":"text","marks":[{"type":"code"}]},{"text":" and ","type":"text"},{"text":"","type":"text","marks":[{"type":"code"}]},{"text":" with a proper value.","type":"text"}]}]},{"type":"paragraph","content":[{"text":"The Docker image can be deployed on the following services:","type":"text"}]},{"type":"heading","attrs":{"level":4},"content":[{"text":"Docker","type":"text"}]},{"type":"paragraph","content":[{"text":"Execute the following command on the root directory ","type":"text"},{"text":"/devo-collectors//","type":"text","marks":[{"type":"code"}]}]},{"type":"codeBlock","content":[{"text":"docker run \n--name collector- \n--volume $PWD/certs:/devo-collector/certs \n--volume $PWD/config:/devo-collector/config \n--volume $PWD/state:/devo-collector/state \n--env CONFIG_FILE=config.yaml \n--rm \n--interactive \n--tty \n:","type":"text"}]},{"type":"panel","attrs":{"panelType":"warning"},"content":[{"type":"paragraph","content":[{"text":"Replace ","type":"text"},{"text":"","type":"text","marks":[{"type":"code"}]},{"text":", ","type":"text"},{"text":"","type":"text","marks":[{"type":"code"}]},{"text":" and ","type":"text"},{"text":"","type":"text","marks":[{"type":"code"}]},{"text":" with the proper values.","type":"text"}]}]},{"type":"heading","attrs":{"level":4},"content":[{"text":"Docker Compose","type":"text"}]},{"type":"paragraph","content":[{"text":"The following Docker Compose file can be used to execute the Docker container. It must be created in the ","type":"text"},{"text":"/devo-collectors//","type":"text","marks":[{"type":"code"}]},{"text":" directory.","type":"text"}]},{"type":"codeBlock","content":[{"text":"version: '3'\nservices:\n collector-:\n image: :${IMAGE_VERSION:-latest}\n container_name: collector-\n volumes:\n - ./certs:/devo-collector/certs\n - ./config:/devo-collector/config\n - ./credentials:/devo-collector/credentials\n - ./state:/devo-collector/state\n environment:\n - CONFIG_FILE=${CONFIG_FILE:-config.yaml}","type":"text"}]},{"type":"paragraph","content":[{"text":"To run the container using docker-compose, execute the following command from the ","type":"text"},{"text":"/devo-collectors//","type":"text","marks":[{"type":"code"}]},{"text":" directory:","type":"text"}]},{"type":"codeBlock","content":[{"text":"IMAGE_VERSION= docker-compose up -d","type":"text"}]},{"type":"panel","attrs":{"panelType":"warning"},"content":[{"type":"paragraph","content":[{"text":"Replace ","type":"text"},{"text":"","type":"text","marks":[{"type":"code"}]},{"text":", ","type":"text"},{"text":"","type":"text","marks":[{"type":"code"}]},{"text":" and ","type":"text"},{"text":"","type":"text","marks":[{"type":"code"}]},{"text":" with the proper values.","type":"text"}]}]}]},{"type":"heading","attrs":{"level":2},"content":[{"text":"Collector services detail","type":"text"}]},{"type":"paragraph","content":[{"text":"This section is intended to explain how to proceed with specific actions for services.","type":"text"}]},{"type":"heading","attrs":{"level":3},"content":[{"text":"Events service","type":"text"}]},{"type":"expand","attrs":{"title":"Verify data collection"},"content":[{"type":"heading","attrs":{"level":4},"content":[{"text":"Internal process and deduplication method","type":"text"}]},{"type":"paragraph","content":[{"text":"Data is collected by setting a start date and by pagination. To eliminate duplicates, the date of the last event sent to Devo and the IDs of events with the same date are stored.","type":"text"}]},{"type":"heading","attrs":{"level":4},"content":[{"text":"Devo categorization and destination","type":"text"}]},{"type":"paragraph","content":[{"text":"All events of this service are ingested into the table ","type":"text"},{"text":"waf.fastly.nextgen_waf.request_feed.{corpName}.{site}","type":"text","marks":[{"type":"code"}]}]},{"type":"heading","attrs":{"level":4},"content":[{"text":"Setup output","type":"text"}]},{"type":"paragraph","content":[{"text":"A successful run has the following output messages for the setup module:","type":"text"}]},{"type":"codeBlock","content":[{"text":"INFO InputProcess::MainThread -> ServiceThread(fastly,1234123,corp_activity_events,predefined) - Starting thread (execution_period=60s)\nINFO InputProcess::MainThread -> FastlyPullerSetup(fastly_collector,fastly#1234123,corp_activity_events#predefined) -> Starting thread\nWARNING InputProcess::FastlyPullerSetup(fastly_collector,fastly#1234123,corp_activity_events#predefined) -> The token/header/authentication has not been created yet\nINFO InputProcess::FastlyPullerSetup(fastly_collector,fastly#1234123,corp_activity_events#predefined) -> Setup for module has been successfully executed","type":"text"}]},{"type":"heading","attrs":{"level":4},"content":[{"text":"Puller output","type":"text"}]},{"type":"paragraph","content":[{"text":"A successful initial run has the following output messages for the puller module:","type":"text"}]},{"type":"codeBlock","content":[{"text":"INFO InputProcess::FastlyEventsPuller(fastly,1234123,corp_activity_events,predefined) -> FastlyEventsPuller(fastly,1234123,corp_activity_events,predefined) Starting the execution of pre_pull()\nINFO InputProcess::FastlyEventsPuller(fastly,1234123,corp_activity_events,predefined) -> Reading persisted data\nINFO InputProcess::FastlyEventsPuller(fastly,1234123,corp_activity_events,predefined) -> Data retrieved from the persistence: None\nWARNING InputProcess::FastlyEventsPuller(fastly,1234123,corp_activity_events,predefined) -> Persistence will be overridden due to the retrieved state is empty\nINFO InputProcess::FastlyEventsPuller(fastly,1234123,corp_activity_events,predefined) -> Running the persistence upgrade steps\nINFO InputProcess::FastlyEventsPuller(fastly,1234123,corp_activity_events,predefined) -> Running the persistence corrections steps\nINFO InputProcess::FastlyEventsPuller(fastly,1234123,corp_activity_events,predefined) -> Running the persistence corrections steps\nWARNING InputProcess::FastlyEventsPuller(fastly,1234123,corp_activity_events,predefined) -> Some changes have been detected and the persistence needs to be updated. Previous content: None. New content: {'@persistence_version': 1, 'start_time_epoch': 1673400180, 'last_event_time_epoch': 1673400180, 'last_id': None}\nINFO InputProcess::FastlyEventsPuller(fastly,1234123,corp_activity_events,predefined) -> Updating the persistence\nWARNING InputProcess::FastlyEventsPuller(fastly,1234123,corp_activity_events,predefined) -> Persistence has been updated successfully\nINFO InputProcess::FastlyEventsPuller(fastly,1234123,corp_activity_events,predefined) -> FastlyEventsPuller(fastly,1234123,corp_activity_events,predefined) Finalizing the execution of pre_pull()\nINFO InputProcess::FastlyEventsPuller(fastly,1234123,corp_activity_events,predefined) -> Starting data collection every 60 seconds\nINFO InputProcess::FastlyEventsPuller(fastly,1234123,corp_activity_events,predefined) -> Pull Started\nINFO InputProcess::FastlyEventsPuller(fastly,1234123,corp_activity_events,predefined) -> (Partial) Statistics for this pull cycle (@devo_pulling_id=1700122878630):Number of requests made: 1; Number of events received: 13; Number of duplicated events filtered out: 0; Number of events generated and sent: 13; Average of events per second: 6.338.\nINFO InputProcess::FastlyEventsPuller(fastly,1234123,corp_activity_events,predefined) -> Statistics for this pull cycle (@devo_pulling_id=1700122878630):Number of requests made: 1; Number of events received: 13; Number of duplicated events filtered out: 0; Number of events generated and sent: 13; Average of events per second: 6.336.\nINFO InputProcess::FastlyEventsPuller(fastly,1234123,corp_activity_events,predefined) -> The data is up to date!\nINFO InputProcess::FastlyEventsPuller(fastly,1234123,corp_activity_events,predefined) -> Data collection completed. Elapsed time: 2.070 seconds. Waiting for 57.930 second(s) until the next one","type":"text"}]},{"type":"paragraph","content":[{"text":"After a successful collector’s execution (that is, no error logs found), you will see the following log message:","type":"text"}]},{"type":"codeBlock","content":[{"text":"INFO InputProcess::FastlyEventsPuller(fastly,1234123,corp_activity_events,predefined) -> Statistics for this pull cycle (@devo_pulling_id=1700122878630):Number of requests made: 1; Number of events received: 13; Number of duplicated events filtered out: 0; Number of events generated and sent: 13; Average of events per second: 6.336.","type":"text"}]}]},{"type":"expand","attrs":{"title":"Restart the persistence"},"content":[{"type":"paragraph","content":[{"text":"This collector uses persistent storage to download events in an orderly fashion and avoid duplicates. In case you want to re-ingest historical data or recreate the persistence, you can restart the persistence of this collector by following these steps:","type":"text"}]},{"type":"orderedList","attrs":{"order":1},"content":[{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Edit the configuration file.","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Change the value of the ","type":"text"},{"text":"start_time_utc","type":"text","marks":[{"type":"code"}]},{"text":" parameter to a different one.","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Save the changes.","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Restart the collector.","type":"text"}]}]}]},{"type":"paragraph","content":[{"text":"The collector will detect this change and will restart the persistence using the parameters of the configuration file or the default configuration in case it has not been provided.","type":"text"}]}]},{"type":"expand","attrs":{"title":"Troubleshooting"},"content":[{"type":"paragraph","content":[{"text":"This collector has different security layers that detect both an invalid configuration and abnormal operation. This table will help you detect and resolve the most common errors.","type":"text"}]},{"type":"table","attrs":{"layout":"default","localId":"788156fa-9325-4522-aaba-42385462aa63"},"content":[{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"background":"#f4f5f7","rowspan":1},"content":[{"type":"paragraph","content":[{"text":"Error type","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"background":"#f4f5f7","rowspan":1},"content":[{"type":"paragraph","content":[{"text":"Error ID","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"background":"#f4f5f7","rowspan":1},"content":[{"type":"paragraph","content":[{"text":"Error message","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"background":"#f4f5f7","rowspan":1},"content":[{"type":"paragraph","content":[{"text":"Cause","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"background":"#f4f5f7","rowspan":1},"content":[{"type":"paragraph","content":[{"text":"Solution","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":2},"content":[{"type":"paragraph","content":[{"text":"InitVariablesError","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"1","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"Invalid start_time_utc: {datetime_utc_now}. Must be in the past.","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"The user has set the start_time_utc parameter in the future","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"Set the start_time_utc parameter to a date and time earlier than the current one in the configuration file.","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"2","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"Invalid start_time_utc: {datetime_utc_now}. The maximum value is 24 hours and 5 minutes in the past (in utc time).","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"The user has set the start_time_utc parameter out of range.","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"Set the start_time_utc parameter within the indicated range.","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"SetupError","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"102","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"ERROR: The base url is invalid. Cause: {cause}","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"The url is malformed because you have entered an invalid corporation or site value.","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"Check if the corporation and site values are correct.","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":5},"content":[{"type":"paragraph","content":[{"text":"ApiError","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"400","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"HTTP ERROR 400: Bad request: The server could not understand the request.","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"The API request is malformed.","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"Contact the Devo team","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"401","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"HTTP ERROR 401: Unauthorized: Authentication is required and has failed or has not been provided.","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"The user is not authorized to access the requested service.","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"Check the permissions and that the credentials are not expired.","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"402","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"HTTP ERROR 500: Server Error: An error occurred on the server.","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"Unknown server error.","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"Check that the internet connection works correctly and contact the company that manages the server on which the events are hosted.","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"403","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"Request Error: Received status code {status_code}","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"Unknown API error","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"Contact the Devo team.","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"404","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"HTTP ERROR 429: Too Many Requests: The user has sent too many requests in a given amount of time.","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"Too many requests have been sent to the resource.","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1},"content":[{"type":"paragraph","content":[{"text":"Check:","type":"text"}]},{"type":"bulletList","content":[{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"That there is only one POD running.","type":"text"}]}]}]},{"type":"bulletList","content":[{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"That there are no more computers using the same credentials","type":"text"}]}]}]},{"type":"paragraph","content":[{"text":"Wait several minutes before restarting the collector.","type":"text"}]},{"type":"paragraph","content":[{"text":"If nothing works, contact the Devo team.","type":"text"}]}]}]}]}]},{"type":"heading","attrs":{"level":2},"content":[{"text":"Collector operations","type":"text"}]},{"type":"paragraph","content":[{"text":"This section is intended to explain how to proceed with specific operations of this collector.","type":"text"}]},{"type":"expand","attrs":{"title":"Verify collector operations"},"content":[{"type":"heading","attrs":{"level":3},"content":[{"text":"Initialization","type":"text"}]},{"type":"paragraph","content":[{"text":"The initialization module is in charge of setup and running the input (pulling logic) and output (delivering logic) services and validating the given configuration.","type":"text"}]},{"type":"paragraph","content":[{"text":"A successful run has the following output messages for the initializer module:","type":"text"}]},{"type":"codeBlock","content":[{"text":"2023-01-10T15:22:57.146 INFO MainProcess::MainThread -> Loading configuration using the following files: {\"full_config\": \"config.yaml\", \"job_config_loc\": null, \"collector_config_loc\": null}\n2023-01-10T15:22:57.146 INFO MainProcess::MainThread -> Using the default location for \"job_config_loc\" file: \"/etc/devo/job/job_config.json\"\n2023-01-10T15:22:57.147 INFO MainProcess::MainThread -> \"\\etc\\devo\\job\" does not exists\n2023-01-10T15:22:57.147 INFO MainProcess::MainThread -> Using the default location for \"collector_config_loc\" file: \"/etc/devo/collector/collector_config.json\"\n2023-01-10T15:22:57.148 INFO MainProcess::MainThread -> \"\\etc\\devo\\collector\" does not exists\n2023-01-10T15:22:57.148 INFO MainProcess::MainThread -> Results of validation of config files parameters: {\"config\": \"config.yaml\", \"config_validated\": True, \"job_config_loc\": \"/etc/devo/job/job_config.json\", \"job_config_loc_default\": True, \"job_config_loc_validated\": False, \"collector_config_loc\": \"/etc/devo/collector/collector_config.json\", \"collector_config_loc_default\": True, \"collector_config_loc_validated\": False}\n2023-01-10T15:22:57.171 WARNING MainProcess::MainThread -> [WARNING] Illegal global setting has been ignored -> multiprocessing: False","type":"text"}]},{"type":"heading","attrs":{"level":3},"content":[{"text":"Events delivery and Devo ingestion","type":"text"}]},{"type":"paragraph","content":[{"text":"The event delivery module is in charge of receiving the events from the internal queues where all events are injected by the pullers and delivering them using the selected compatible delivery method.","type":"text"}]},{"type":"paragraph","content":[{"text":"A successful run has the following output messages for the initializer module:","type":"text"}]},{"type":"codeBlock","content":[{"text":"2023-01-10T15:23:00.788 INFO OutputProcess::MainThread -> DevoSender(standard_senders,devo_sender_0) -> Starting thread\n2023-01-10T15:23:00.789 INFO OutputProcess::MainThread -> DevoSenderManagerMonitor(standard_senders,devo_1) -> Starting thread (every 300 seconds)\n2023-01-10T15:23:00.790 INFO OutputProcess::MainThread -> DevoSenderManager(standard_senders,manager,devo_1) -> Starting thread\n2023-01-10T15:23:00.842 INFO OutputProcess::MainThread -> global_status: {\"output_process\": {\"process_id\": 18804, \"process_status\": \"running\", \"thread_counter\": 21, \"thread_names\": [\"MainThread\", \"pydevd.Writer\", \"pydevd.Reader\", \"pydevd.CommandThread\", \"pydevd.CheckAliveThread\", \"DevoSender(standard_senders,devo_sender_0)\", \"DevoSenderManagerMonitor(standard_senders,devo_1)\", \"DevoSenderManager(standard_senders,manager,devo_1)\", \"OutputStandardConsumer(standard_senders_consumer_0)\",","type":"text"}]},{"type":"heading","attrs":{"level":4},"content":[{"text":"Sender services","type":"text"}]},{"type":"paragraph","content":[{"text":"The Integrations Factory Collector SDK has 3 different senders services depending on the event type to delivery (","type":"text"},{"text":"internal","type":"text","marks":[{"type":"code"}]},{"text":", ","type":"text"},{"text":"standard","type":"text","marks":[{"type":"code"}]},{"text":", and ","type":"text"},{"text":"lookup","type":"text","marks":[{"type":"code"}]},{"text":"). This collector uses the following Sender Services:","type":"text"}]},{"type":"table","attrs":{"layout":"default","localId":"6bd704ef-0e1e-4407-992c-002264d15132"},"content":[{"type":"tableRow","content":[{"type":"tableHeader","attrs":{"colspan":1,"background":"var(--ds-background-neutral, #F4F5F7)","rowspan":1,"colwidth":[365.0]},"content":[{"type":"paragraph","content":[{"text":"Sender services","type":"text","marks":[{"type":"strong"}]}]}]},{"type":"tableHeader","attrs":{"colspan":1,"background":"var(--ds-background-neutral, #F4F5F7)","rowspan":1,"colwidth":[365.0]},"content":[{"type":"paragraph","content":[{"text":"Description","type":"text","marks":[{"type":"strong"}]}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[365.0]},"content":[{"type":"paragraph","content":[{"text":"internal_senders","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[365.0]},"content":[{"type":"paragraph","content":[{"text":"In charge of delivering internal metrics to Devo such as logging traces or metrics.","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[365.0]},"content":[{"type":"paragraph","content":[{"text":"standard_senders","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[365.0]},"content":[{"type":"paragraph","content":[{"text":"In charge of delivering pulled events to Devo.","type":"text"}]}]}]}]},{"type":"heading","attrs":{"level":4},"content":[{"text":"Sender statistics","type":"text"}]},{"type":"paragraph","content":[{"text":"Each service displays its own performance statistics that allow checking how many events have been delivered to Devo by type:","type":"text"}]},{"type":"table","attrs":{"layout":"default","localId":"b4ce6589-85aa-4583-b31b-545216de40ff"},"content":[{"type":"tableRow","content":[{"type":"tableHeader","attrs":{"colspan":1,"background":"var(--ds-background-neutral, #F4F5F7)","rowspan":1,"colwidth":[365.0]},"content":[{"type":"paragraph","content":[{"text":"Logging trace","type":"text","marks":[{"type":"strong"}]}]}]},{"type":"tableHeader","attrs":{"colspan":1,"background":"var(--ds-background-neutral, #F4F5F7)","rowspan":1,"colwidth":[365.0]},"content":[{"type":"paragraph","content":[{"text":"Description","type":"text","marks":[{"type":"strong"}]}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[365.0]},"content":[{"type":"paragraph","content":[{"text":"Number of available senders: 1","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[365.0]},"content":[{"type":"paragraph","content":[{"text":"Displays the number of concurrent senders available for the given Sender Service.","type":"text"}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[365.0]},"content":[{"type":"paragraph","content":[{"text":"sender manager internal queue size: 0","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[365.0]},"content":[{"type":"paragraph","content":[{"text":"Displays the items available in the internal sender queue.","type":"text"}]},{"type":"panel","attrs":{"panelType":"info"},"content":[{"type":"paragraph","content":[{"text":"This value helps detect bottlenecks and needs to increase the performance of data delivery to Devo. This last can be made by increasing the concurrent senders.","type":"text"}]}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[365.0]},"content":[{"type":"paragraph","content":[{"text":"Total number of messages sent: 44, messages sent since \"2022-06-28 10:39:22.511671+00:00\": 21 (elapsed 0.007 seconds)","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[365.0]},"content":[{"type":"paragraph","content":[{"text":"Displayes the number of events from the last time and following the given example, the following conclusions can be obtained:","type":"text"}]},{"type":"bulletList","content":[{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"44 events were sent to Devo since the collector started.","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"The last checkpoint timestamp was ","type":"text"},{"text":"2022-06-28 10:39:22.511671+00:00","type":"text","marks":[{"type":"code"}]},{"text":".","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"21 events where sent to Devo between the last UTC checkpoint and now.","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Those 21 events required ","type":"text"},{"text":"0.007 seconds","type":"text","marks":[{"type":"code"}]},{"text":" to be delivered.","type":"text"}]}]}]},{"type":"panel","attrs":{"panelType":"info"},"content":[{"type":"paragraph","content":[{"text":"By default these traces will be shown every 10 minutes.","type":"text"}]}]}]}]}]}]},{"type":"expand","attrs":{"title":"Check memory usage"},"content":[{"type":"paragraph","content":[{"text":"To check the memory usage of this collector, look for the following log records in the collector which are displayed every 5 minutes by default, always after running the memory-free process.","type":"text"}]},{"type":"bulletList","content":[{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"The used memory is displayed by running processes and the sum of both values will give the total used memory for the collector.","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"The global pressure of the available memory is displayed in the ","type":"text"},{"text":"global","type":"text","marks":[{"type":"code"}]},{"text":" value.","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"All metrics (Global, RSS, VMS) include the value before freeing and after ","type":"text"},{"text":"previous -> after freeing memory","type":"text","marks":[{"type":"code"}]}]}]}]},{"type":"codeBlock","content":[{"text":"INFO InputProcess::MainThread -> [GC] global: 20.4% -> 20.4%, process: RSS(34.50MiB -> 34.08MiB), VMS(410.52MiB -> 410.02MiB)\nINFO OutputProcess::MainThread -> [GC] global: 20.4% -> 20.4%, process: RSS(28.41MiB -> 28.41MiB), VMS(705.28MiB -> 705.28MiB)","type":"text"}]}]},{"type":"heading","attrs":{"level":2},"content":[{"text":"Change log","type":"text"}]},{"type":"table","attrs":{"layout":"default","width":760.0,"localId":"ffe42a46-4f35-4aec-b7a9-e5bb47d1fad6"},"content":[{"type":"tableRow","content":[{"type":"tableHeader","attrs":{"colspan":1,"background":"var(--ds-background-neutral, #F4F5F7)","rowspan":1,"colwidth":[136.0]},"content":[{"type":"paragraph","content":[{"text":"Release","type":"text","marks":[{"type":"strong"}]}]}]},{"type":"tableHeader","attrs":{"colspan":1,"background":"var(--ds-background-neutral, #F4F5F7)","rowspan":1,"colwidth":[136.0]},"content":[{"type":"paragraph","content":[{"text":"Released on","type":"text","marks":[{"type":"strong"}]}]}]},{"type":"tableHeader","attrs":{"colspan":1,"background":"var(--ds-background-neutral, #F4F5F7)","rowspan":1,"colwidth":[136.0]},"content":[{"type":"paragraph","content":[{"text":"Release type","type":"text","marks":[{"type":"strong"}]}]}]},{"type":"tableHeader","attrs":{"colspan":1,"background":"var(--ds-background-neutral, #F4F5F7)","rowspan":1,"colwidth":[136.0]},"content":[{"type":"paragraph","content":[{"text":"Details","type":"text","marks":[{"type":"strong"}]}]}]},{"type":"tableHeader","attrs":{"colspan":1,"background":"var(--ds-background-neutral, #F4F5F7)","rowspan":1,"colwidth":[136.0]},"content":[{"type":"paragraph","content":[{"text":"Recommendations","type":"text","marks":[{"type":"strong"}]}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[136.0]},"content":[{"type":"paragraph","content":[{"text":"v1.2.0","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[136.0]},"content":[{"type":"paragraph","content":[{"type":"date","attrs":{"timestamp":"1743984000000"}}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[136.0]},"content":[{"type":"paragraph","content":[{"type":"status","attrs":{"color":"green","style":"bold","text":"FIXES","localId":"41e6a4fc-61f4-44c5-811e-2ddbabf78771"}}]},{"type":"paragraph","content":[{"type":"status","attrs":{"color":"blue","style":"bold","text":"IMPROVEMENTS","localId":"57891271-89fc-4f22-8fa2-e7779b5b4021"}}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[136.0]},"content":[{"type":"bulletList","content":[{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Fixed init variable issue.","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Upgraded DCSDK from 1.12.4 to 1.15.0","type":"text"}]}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[136.0]},"content":[{"type":"paragraph","content":[{"text":"Recommended Version","type":"text","marks":[{"type":"code"}]}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[136.0]},"content":[{"type":"paragraph","content":[{"text":"v1.1.0","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[136.0]},"content":[{"type":"paragraph","content":[{"type":"date","attrs":{"timestamp":"1724630400000"}}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[136.0]},"content":[{"type":"paragraph","content":[{"type":"status","attrs":{"color":"blue","style":"bold","text":"IMPROVEMENTS","localId":"b5fa3b76-5b7b-41d8-8622-d4c37c252cbe"}},{"text":" ","type":"text"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[136.0]},"content":[{"type":"bulletList","content":[{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Added a buffer to protect the collector when too many messages fill the memory. Events are sent in batches of 30000.","type":"text"}]}]},{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Upgraded DCSDK from 1.10.2 to 1.12.4","type":"text"}]}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[136.0]},"content":[{"type":"paragraph","content":[{"text":"Update","type":"text","marks":[{"type":"code"}]}]}]}]},{"type":"tableRow","content":[{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[136.0]},"content":[{"type":"paragraph","content":[{"text":"v1.0.0","type":"text","marks":[{"type":"code"}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[136.0]},"content":[{"type":"paragraph","content":[{"type":"date","attrs":{"timestamp":"1696896000000"}}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[136.0]},"content":[{"type":"paragraph","content":[{"type":"status","attrs":{"color":"purple","style":"bold","text":"INITIAL RELEASE","localId":"39240b48-74c1-4766-ba78-09ea1b239815"}},{"text":" ","type":"text"},{"type":"hardBreak"},{"type":"hardBreak"},{"type":"hardBreak"}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[136.0]},"content":[{"type":"paragraph","content":[{"text":"Deployed the first Beta version of the Fastly Next-Gen WAF with the following services:","type":"text"}]},{"type":"bulletList","content":[{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"List corp activity events.","type":"text"}]}]}]},{"type":"bulletList","content":[{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"List site activity events.","type":"text"}]}]}]},{"type":"bulletList","content":[{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"List corp events.","type":"text"}]}]}]},{"type":"bulletList","content":[{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"Get request feed.","type":"text"}]}]}]},{"type":"bulletList","content":[{"type":"listItem","content":[{"type":"paragraph","content":[{"text":"DCSDK Version: 1.10.0","type":"text"}]}]}]}]},{"type":"tableCell","attrs":{"colspan":1,"rowspan":1,"colwidth":[136.0]},"content":[{"type":"paragraph","content":[{"text":"Update","type":"text","marks":[{"type":"code"}]}]}]}]}]}],"version":1}

Browser not supported