Searching Devo through the API
Is there a way that we can search data in Devo using the API?
Best Answer
-
You can use our REST API collector to do this.
Your Collect URL Depends on your Devo Domain Region, which you can find here:
https://docs.devo.com/space/latest/95128275/Query+APIThe Collect Method will be POST with Body, with an example Body:
{ "from": "${earliest || ((Date.now() / 1000) - 300 | 0)}", "to": "${latest|| ((Date.now() / 1000) | 0)}", "query": "from x.x.x.x select *" }You of course will need to update your Query.
This will pass in an Earliest / Latest Time, when one is provided either during Scheduling or Ad-Hoc Runs:
However if you do not, it defaults to "-5m@m to Now"
Please note, that Devos API requires a 10 digit Epoch Timestamp.
If a 13 Digit Timestamp is provided, it will fail.Information regarding Date.now():
You will authenticate with a Bearer Token, per Devos Documentation:
https://docs.devo.com/space/latest/95128442/Authorizing+Query+API+requests#OAuth-tokenDevos Documentation regarding Authenitcation Tokens:
https://docs.devo.com/space/latest/94763821/Authentication+tokensTo get your Authentication Token, once youve logged in to Dev, navigate to:
Left Side Bar > Administration > Credentials > Tokens > New Token.
Configure the token with the appropriate requirementsEnable the "Disable Time Filter" to ensure we arent excluding events.
More information can be found here:Your REST Collector will look something like this:
0
Answers
-
You can use our REST API collector to do this.
Your Collect URL Depends on your Devo Domain Region, which you can find here:
https://docs.devo.com/space/latest/95128275/Query+APIThe Collect Method will be POST with Body, with an example Body:
{ "from": "${earliest || ((Date.now() / 1000) - 300 | 0)}", "to": "${latest|| ((Date.now() / 1000) | 0)}", "query": "from x.x.x.x select *" }You of course will need to update your Query.
This will pass in an Earliest / Latest Time, when one is provided either during Scheduling or Ad-Hoc Runs:
However if you do not, it defaults to "-5m@m to Now"
Please note, that Devos API requires a 10 digit Epoch Timestamp.
If a 13 Digit Timestamp is provided, it will fail.Information regarding Date.now():
You will authenticate with a Bearer Token, per Devos Documentation:
https://docs.devo.com/space/latest/95128442/Authorizing+Query+API+requests#OAuth-tokenDevos Documentation regarding Authenitcation Tokens:
https://docs.devo.com/space/latest/94763821/Authentication+tokensTo get your Authentication Token, once youve logged in to Dev, navigate to:
Left Side Bar > Administration > Credentials > Tokens > New Token.
Configure the token with the appropriate requirementsEnable the "Disable Time Filter" to ensure we arent excluding events.
More information can be found here:Your REST Collector will look something like this:
0