Cato SASE collector
Overview
Cato SASE enables customers to be ready for whatever comes next. Cato achieves this transformational impact by partnering with customers to change the ownership model of IT infrastructure from "own it" to "use it".
Devo collector features
Feature | Details |
---|---|
Allow parallel downloading ( |
|
Running environments |
|
Populated Devo events |
|
Flattening preprocessing |
|
Requires IP Whitelisting |
|
Data sources
Data source | Description | GraphQL query | Collector service name | Devo table | Available from |
---|---|---|---|---|---|
| Get all the Security event type | {
eventsFeed(
accountIDs: [$accountIDs]
marker: $marker
filters: [{ fieldName: event_type, operator: is, values: ["Security"] }]
) {
marker
fetchedCount
accounts {
records {
time
fieldsMap
}
}
}
} |
|
|
|
| Get all the Connectivity event type | {
eventsFeed(
accountIDs: [$accountIDs]
marker: $marker
filters: [{ fieldName: event_type, operator: is, values: ["Connectivity"] }]
) {
marker
fetchedCount
accounts {
records {
time
fieldsMap
}
}
}
} |
|
|
|
| Get all the Security event type | {
eventsFeed(
accountIDs: [$accountIDs]
marker: $marker
filters: [{ fieldName: event_type, operator: is, values: ["Routing"] }]
) {
marker
fetchedCount
accounts {
records {
time
fieldsMap
}
}
}
} |
|
|
|
| Get all the Sockets Management event type |
|
|
| |
| Get all the System event type |
|
|
|
For more information on how the events are parsed, visit our page.
Flattening preprocessing
Data source | Collector service | Optional | Flattening details |
---|---|---|---|
|
|
| not required |
|
|
| not required |
|
|
| not required |
|
|
| not required |
|
|
| not required |
Minimum configuration required for basic pulling
Although this collector supports advanced configuration, the fields required to retrieve data with basic configuration are defined below.
This minimum configuration refers exclusively to those specific parameters of this integration. There are more required parameters related to the generic behavior of the collector. Check setting sections for details.
Setting | Details |
---|---|
| The API Key for CATO API. |
| The account ID for CATO API. |
See the Accepted authentication methods section to verify what settings are required based on the desired authentication method.
Accepted authentication methods
Authentication method | x-api-key | account_id |
---|---|---|
| REQUIRED | REQUIRED |
Run the collector
Once the data source is configured, you can either send us the required information if you want us to host and manage the collector for you (Cloud collector), or deploy and host the collector in your own machine using a Docker image (On-premise collector).
Collector services detail
This section is intended to explain how to proceed with specific actions for services.
Beta services
Services sase_system
, sase_sockets_management
and sase_routing
are in beta.
sase_security
sase_system (beta)
sase_routing (beta)
sase_sockets_management (beta)
Collector operations
This section is intended to explain how to proceed with specific operations of this collector.
Change log
Release | Released on | Release type | Details | Recommendations |
---|---|---|---|---|
| Jun 20, 2024 | FIRST RELEASE | First version of the CATO collector. |
|