Is there a way that we can search data in Devo using the API?
1 UpGoat
You can use our REST API collector to do this.
Your Collect URL Depends on your Devo Domain Region, which you can find here:
https://docs.devo.com/space/latest/95128275/Query+API
The Collect Method will be POST with Body, with an example Body:
{
"from": "${earliest || ((Date.now() / 1000) - 300 | 0)}",
"to": "${latest|| ((Date.now() / 1000) | 0)}",
"query": "from x.x.x.x select *"
}
You of course will need to update your Query.
This will pass in an Earliest / Latest Time, when one is provided either during Scheduling or Ad-Hoc Runs:
However if you do not, it defaults to “-5m@m to Now”
Please note, that Devo’s API requires a 10 digit Epoch Timestamp.
If a 13 Digit Timestamp is provided, it will fail.
Information regarding Date.now():
You will authenticate with a Bearer Token, per Devo’s Documentation:
https://docs.devo.com/space/latest/95128442/Authorizing+Query+API+requests#OAuth-token
Devo’s Documentation regarding Authenitcation Tokens:
https://docs.devo.com/space/latest/94763821/Authentication+tokens
To get your Authentication Token, once you’ve logged in to Dev, navigate to:
Left Side Bar > Administration > Credentials > Tokens > New Token.
Configure the token with the appropriate requirements
Enable the “Disable Time Filter” to ensure we aren’t excluding events.
More information can be found here:
Your REST Collector will look something like this:
1 UpGoat