siem.devo

Introduction

The tags beginning with siem.devo identify events generated by Devo.

Valid tags and data tables 

The full tag must have at least 3 levels. The first two are fixed as siem.devo. The third level identifies the type of events sent. The fourth level indicates the event subtype.

These are the valid tags and corresponding data tables that will receive the parsers' data:

| Product / Service | Tags | Data tables |
|---|---|---|
| Devo | siem.devo.service.webapp | siem.devo.service |
| | siem.devo.service.activeboards | siem.devo.service.activeboards |
| | siem.devo.service.activeboardsApi | siem.devo.service.activeboardsApi |
| | siem.devo.service.pdfGenerator | siem.devo.service.pdfGenerator |

For more information, see About Devo tags.

Table structure

These are the fields displayed in these tables:

siem.devo.service

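| Field | Type | Source field name | Extra fields |
|---|---|---|---|
| eventdate | timestamp | | |
| machine | str | vmachine | |
| type | str | vtype | |
| timestamp | timestamp | | |
| service | str | | |
| instance | str | | |
| environment | str | | |
| domain | str | | |
| level | str | | |
| group | str | | |
| operation | str | | |
| status | str | | |
| id | str | | |
| username | str | | |
| credential_tag | str | | |
| message | str | | |
| metadata | str | | |
| source | str | | |
| logger | str | | |
| timer | int8 | | |
| exception | str | | |
| seqnum | int8 | | |
| hostchain | str | | ✓ |
| tag | str | | ✓ |
| rawMessage | str | | ✓ |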

siem.devo.service.activeboards

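| Field | Type | Source field name | Extra fields |
|---|---|---|---|
| eventdate | timestamp | | |
| machine | str | vmachine | |
| timestamp | timestamp | | |
| service | str | | |
| instance | str | | |
| environment | str | | |
| domain | str | | |
| level | str | | |
| group | str | | |
| operation | str | | |
| status | str | | |
| id | str | | |
| username | str | | |
| credential_tag | str | | |
| message | str | | |
| metadata | str | | |
| source | str | | |
| logger | str | | |
| timer | int8 | | |
| exception | str | | |
| seqnum | int8 | | |
| hostchain | str | | ✓ |
| tag | str | | ✓ |
| rawMessage | str | | ✓ |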

siem.devo.service.activeboardsApi

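| Field | Type | Source field name | Extra fields |
|---|---|---|---|
| eventdate | timestamp | | |
| machine | str | vmachine | |
| timestamp | timestamp | | |
| service | str | | |
| instance | str | | |
| environment | str | | |
| domain | str | | |
| level | str | | |
| group | str | | |
| operation | str | | |
| status | str | | |
| id | str | | |
| username | str | | |
| credential_tag | str | | |
| message | str | | |
| metadata | str | | |
| source | str | | |
| logger | str | | |
| timer | int8 | | |
| exception | str | | |
| seqnum | int8 | | |
| hostchain | str | | ✓ |
| tag | str | | ✓ |
| rawMessage | str | | ✓ |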

siem.devo.service.pdfGenerator

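| Field | Type | Source field name | Extra fields |
|---|---|---|---|
| eventdate | timestamp | | |
| machine | str | vmachine | |
| timestamp | timestamp | | |
| service | str | | |
| instance | str | | |
| environment | str | | |
| domain | str | | |
| level | str | | |
| group | str | | |
| operation | str | | |
| status | str | | |
| id | str | | |
| username | str | | |
| credential_tag | str | | |
| message | str | | |
| metadata | str | | |
| source | str | | |
| logger | str | | |
| timer | int8 | | |
| exception | str | | |
| seqnum | int8 | | |
| hostchain | str | | ✓ |
| tag | str | | ✓ |
| rawMessage | str | | ✓ |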