Devo API
The Devo platform is a cloud-based data analytics platform that allows you to collect, analyze, and visualize large volumes of data from various sources. The Devo API connector enables automated interactions with Devo's platform, allowing users to run queries and retrieve alerts programmatically.

Devo is a powerful analytics platform that provides real-time insights for security operations. The Devo API Turbine connector allows users to seamlessly integrate Devo's alerting and query capabilities into Swimlane Turbine's low-code automation workflows. By leveraging this connector, users can obtain a list of triggered alerts, filter them based on various parameters, and execute custom queries within the Devo platform. This integration enhances the Swimlane Turbine platform by enabling advanced data analysis and streamlined incident response, ultimately improving the efficiency and effectiveness of security operations.

Prerequisites

To effectively utilize the Devo API connector with Swimlane Turbine, ensure you have the following:

- HTTP Bearer Authentication with these parameters:
  - URL: The endpoint URL for the Devo API.
  - Token: A valid OAuth bearer token for authentication.
- API Key Authentication with these parameters:
  - URL: The endpoint URL for the Devo API.
  - Authentication Token: An API key provided by Devo for secure access.

Asset

You can generate a token in the Administration → Credentials area of Devo (https://docs.devo.com/space/latest/95128442, "API key & API secret") to authorize your request.

Capabilities

- Query Action
- Get Alerts

Configurations

Devo API Key Authentication

Authenticates using an API key.

Configuration parameters

| Parameter | Description | Type | Required |
| --- | --- | --- | --- |
| url | A URL to the target host. URL: https://api-us.devo.com | string | Required |
| standalonetoken | Authentication token | string | Required |
| verify ssl | Verify SSL certificate | boolean | Optional |
| http proxy | A proxy to route requests through | string | Optional |

HTTP Bearer Authentication

Authenticates using a bearer OAuth token.

Configuration parameters

| Parameter | Description | Type | Required |
| --- | --- | --- | --- |
| url | A URL to the target host, i.e. https://apiv2-us.devo.com | string | Required |
| token | The API token | string | Required |
| verify ssl | Verify SSL certificate | boolean | Optional |
| http proxy | A proxy to route requests through | string | Optional |

Actions

Get Alerts

Obtain a list of triggered alerts within a specified time range from the Devo API, with options to limit and offset results.

Endpoint URL: alerts/v1/alerts/list
Method: GET

Input argument

| Name | Type | Required | Description |
| --- | --- | --- | --- |
| limit | number | Required | Maximum number of elements returned in the response. |
| offset | number | Required | Position of the first element in the returned list. You will retrieve a subset of records starting with the offset value. Enter 0 if you don't want to specify a subset. |
| from | number | Required | Filters all alerts triggered after this date. This must be an epoch time in milliseconds. |
| to | number | Required | Filters all alerts triggered before this date. This must be an epoch time in milliseconds. |
| orderby | string | Optional | Order the alerts by a specific field. |
| orderasc | boolean | Optional | Set this parameter to true to retrieve the alert list in ascending order. |
| showall | boolean | Optional | Set this parameter to true to retrieve all the triggered alerts, including the ones with false positive and closed status. The default value is false. |

Output

| Parameter | Type | Description |
| --- | --- | --- |
| status code | number | HTTP status code of the response |
| reason | string | Response reason phrase |
| headers | object | HTTP headers for the request |

Example

```json
[
  {
    "status code": 200,
    "reason": "ok",
    "headers": {},
    "json body": [
      {}
    ]
  }
]
```

Get Query

Run a specified query within the Devo platform using a time range defined by the 'from' and 'to' parameters.

Endpoint URL: /search/query
Method: POST

Input argument

| Name | Type | Required | Description |
| --- | --- | --- | --- |
| query | string | Optional | Parameter for Get Query |
| queryid | string | Optional | Unique identifier |
| from | string | Required | Parameter for Get Query |
| to | string | Required | Parameter for Get Query |
| mode | string | Optional | Parameter for Get Query |
| dateformat | string | Optional | Parameter for Get Query |
| timezone | string | Optional | Parameter for Get Query |
| offset | number | Optional | Parameter for Get Query |
| skip | number | Optional | Parameter for Get Query |
| limit | number | Optional | Parameter for Get Query |
| ipasstring | boolean | Optional | Parameter for Get Query |
| vaultname | string | Optional | Name of the resource |
| progressinfo | boolean | Optional | Parameter for Get Query |
| allowpartialresults | boolean | Optional | Result of the operation |
| keepalive | string | Optional | Parameter for Get Query |

Output

| Parameter | Type | Description |
| --- | --- | --- |
| status code | number | HTTP status code of the response |
| reason | string | Response reason phrase |
| headers | object | HTTP headers for the request |
| details | object | Output field details |
| status | number | Status value |
| cid | string | Unique identifier |
| timestamp | number | Output field timestamp |
| msg | string | Output field msg |
| object | array | Output field object |
| eventdate | string | Date value |
| host | string | Output field host |
| memory heap used | string | Output field memory heap used |
| memory non heap used | string | Output field memory non heap used |

Example

```json
[
  {
    "status code": 200,
    "reason": "ok",
    "headers": null,
    "details": {
      "status": 0,
      "cid": "ue7bt8pfmn",
      "timestamp": 1528308389081,
      "msg": "",
      "object": []
    }
  }
]
```

Notes

For more details, please refer to the Devo API documentation: https://docs.devo.com/space/latest/127926341/working+with+triggered+alerts+using+the+api
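
For the Get Alerts action described above, the sketch below builds the `from`/`to` window in epoch milliseconds and walks the results with `limit` and `offset`; a window passed in epoch seconds lands in 1970 and returns no alerts without any error, so it is rejected up front. This is an added example, not Swimlane's or Devo's code: the helper names are hypothetical, the transport is injected so authentication stays in the configured asset, and the five alerts served by the stub are constructed.

```python
from datetime import datetime, timedelta, timezone
from urllib.parse import parse_qs, urlencode, urlsplit

ENDPOINT = "alerts/v1/alerts/list"  # endpoint path from the Get Alerts section
EPOCH = datetime(1970, 1, 1, tzinfo=timezone.utc)


def to_epoch_ms(dt):
    """Convert a timezone-aware datetime to epoch milliseconds for from/to."""
    if dt.tzinfo is None:
        raise ValueError("naive datetime: the alert window would shift by the local offset")
    return (dt - EPOCH) // timedelta(milliseconds=1)


def build_alert_url(base_url, start_ms, end_ms, limit, offset):
    """Build one Get Alerts URL, rejecting windows that cannot be what was meant."""
    for name, value in (("from", start_ms), ("to", end_ms)):
        if value < 10**11:  # 10**11 ms is March 1973; smaller values are epoch seconds
            raise ValueError(f"'{name}' looks like epoch seconds, not milliseconds")
    if start_ms >= end_ms:
        raise ValueError("'from' must be earlier than 'to'")
    params = {"limit": limit, "offset": offset, "from": start_ms, "to": end_ms}
    return f"{base_url.rstrip('/')}/{ENDPOINT}?{urlencode(params)}"


def fetch_all_alerts(fetch_page, base_url, start_ms, end_ms, limit=100):
    """Walk the window with limit/offset until a short page marks the end.

    fetch_page(url) returns a list of alerts; the transport (and its
    authentication) is injected, so this logic runs without network access.
    """
    alerts, offset = [], 0
    while True:
        page = fetch_page(build_alert_url(base_url, start_ms, end_ms, limit, offset))
        alerts.extend(page)
        if len(page) < limit:
            return alerts
        offset += limit  # offset is the position of the first record, not a page number


# Constructed sample: five fake alerts served by an in-memory stand-in for the API.
SAMPLE_ALERTS = [{"id": n} for n in range(5)]


def stub_fetch(url):
    query = parse_qs(urlsplit(url).query)
    start, size = int(query["offset"][0]), int(query["limit"][0])
    return SAMPLE_ALERTS[start:start + size]


if __name__ == "__main__":
    begin = to_epoch_ms(datetime(2018, 6, 6, 18, 6, 29, tzinfo=timezone.utc))
    print(len(fetch_all_alerts(stub_fetch, "https://api-us.devo.com", begin, begin + 3600000, 2)))
```

In a real playbook, `fetch_page` would be the connector call or an HTTP client with certificate verification left enabled.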