Searching Devo through the API

Is there a way that we can search data in Devo using the API?

1 UpGoat

You can use our REST API collector to do this.

Your Collect URL Depends on your Devo Domain Region, which you can find here:
https://docs.devo.com/space/latest/95128275/Query+API

The Collect Method will be POST with Body, with an example Body:

{
    "from": "${earliest || ((Date.now() / 1000) - 300 | 0)}",
    "to": "${latest|| ((Date.now() / 1000) | 0)}",
    "query": "from x.x.x.x select *"
}

You of course will need to update your Query.

This will pass in an Earliest / Latest Time, when one is provided either during Scheduling or Ad-Hoc Runs:

However if you do not, it defaults to “-5m@m to Now”

Please note, that Devo’s API requires a 10 digit Epoch Timestamp.
If a 13 Digit Timestamp is provided, it will fail.

Information regarding Date.now():

You will authenticate with a Bearer Token, per Devo’s Documentation:
https://docs.devo.com/space/latest/95128442/Authorizing+Query+API+requests#OAuth-token

Devo’s Documentation regarding Authenitcation Tokens:
https://docs.devo.com/space/latest/94763821/Authentication+tokens

To get your Authentication Token, once you’ve logged in to Dev, navigate to:
Left Side Bar > Administration > Credentials > Tokens > New Token.
Configure the token with the appropriate requirements

Enable the “Disable Time Filter” to ensure we aren’t excluding events.
More information can be found here:

Your REST Collector will look something like this:
devo_rest_collector

1 UpGoat