Devo (Deprecated)
This Integration is part of the Devo Pack.#
Deprecated
Use the Devo v2 integration instead.
Devo (Deprecated)
This integration is now deprecated. Please use the Devo v2 integration instead.Overview
Use the Devo integration to query data in Devo.
This integration was integrated and tested with API v2 version of Devo.
Configure Devo on Cortex XSOAR
To use the Devo integration, a user with the administrator role is required.
You can access the API key and API secret in the Devo UI under Administration > Credentials .
- Navigate to Settings > Integrations > Servers & Services .
- Search for Devo.
-
Click
Add instance
to create and configure a new integration instance.
- Name : a textual name for the integration instance.
- Server URL (e.g https://api-us.logtrust.com/ )
- API key
- API secret
- Trust any certificate (not secure)
- Use system proxy settings
- Click Test to validate the URLs, token, and connection.
Commands
You can execute these commands from the Cortex XSOAR CLI, as part of an automation, or in a playbook. After you successfully execute a command, a DBot message appears in the War Room with the command details.
1. Perform a query in Devo
Perform a query. For more information about querying in Devo, see the Devo documentation .
Base Command
devo-queryInput
| Argument Name | Description | Required |
|---|---|---|
| query | A LINQ query to launch. The body must have a query or queryId parameter. | Optional |
| queryId | A query Id to launch. The body must have a query or queryId parameter. For information about obtaining the queryID, see the Additional Information section. | Optional |
| from | The start date as a UTC timestamp in the format: 2012-03-01T10:00:00Z. | Required |
| to | The end date as a UTC timestamp in the format: 2012-03-01T10:00:00Z. Default is the cur | Optional |
| skip | Skip the first "X" number of elements of the query. | Optional |
| limit | Limit the results of the query. The query will stop after returning the first X elements of the query or reaching its end. | Optional |
| writeToContext | Whether to write results to context or not | Optional |
Context Output
| Path | Description |
|---|---|
| Devo.Results | The query results |
Command Example
!devo-query from=2018-10-07T08:00:00Z to=2018-10-07T08:30:00Z limit=5 query="from demo.ecommerce.data select eventdate, referralUri, userAgent where method=\"GET\""Context Example
{
"Devo": {
"Results": [
{
"eventcount": 1,
"eventdate": "2018-10-07T08:00:00Z",
"referralUri": "http://www.logtrust.com/oldlink?item_id=LOG-77\u0026port=161\u0026JSESSIONID=SD5SL4FF3ADFF5",
"userAgent": "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:40.0) Gecko/20100101 Firefox/40.1"
},
{
"eventcount": 1,
"eventdate": "2018-10-07T08:00:01Z",
"referralUri": "http://www.bing.com/cart.do?action=purchase\u0026itemId=LOG-66\u0026product_id=L98-72BOK-SKD00\u0026JSESSIONID=SD1SL6FF8ADFF4",
"userAgent": "Opera/9.20 (Windows NT 6.0; U; en)"
},
{
"eventcount": 1,
"eventdate": "2018-10-07T08:00:01Z",
"referralUri": "http://www.logtrust.com/cart.do?action=purchase\u0026itemId=LOG-29\u0026product_id=99J-SALKS-ASKD0\u0026JSESSIONID=SD5SL7FF7ADFF1",
"userAgent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_3) AppleWebKit/601.4.4 (KHTML, like Gecko)"
},
{
"eventcount": 1,
"eventdate": "2018-10-07T08:00:01Z",
"referralUri": "http://www.yahoo.com/product.screen?product_id=235-40LSZ-09823\u0026JSESSIONID=SD1SL4FF10ADFF7",
"userAgent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_3) AppleWebKit/601.4.4 (KHTML, like Gecko)"
},
{
"eventcount": 1,
"eventdate": "2018-10-07T08:00:02Z",
"referralUri": "http://www.logtrust.com/cart.do?action=addtocart\u0026itemId=LOG-66\u0026product_id=235-40ER0-J3308\u0026JSESSIONID=SD9SL1FF5ADFF8",
"userAgent": "Debian APT-HTTP/1.3 (1.0.1ubuntu2)"
}
]
}
}
Human Readable Output
Additional Information
Follow these steps to get the query ID
- Access your Devo environment.
- Navigate to the gear icon > Query Info > Get Id .
Troubleshooting
If you receive HTTP Error
401 (Unauthorized
), the API key or API secret might be incorrect.