You'd have a backlog of processing the logs as it was ingesting them."

"Devo provides a multi-tenant, cloud-native architecture. This meant that if you didn't build the parser efficiently or correctly, sometimes that would bring the system to its knees. From the previous SIEM that I came from and helped my company administer, it really was the type of system where data was parsed on ingest. With this kind of platform, you have that information in real-time."

"The most valuable feature is definitely the ability that Devo has to ingest data. As our users start to use it and adopt this system, we expect people to be able to do those long-term analytics."

"In traditional BI solutions, you need to wait a lot of time to have the ability to create visualizations with the data and to do searches. That's one reason that having 400 days of live data is pretty huge. Our users were constantly asking us for at least 90 days, and we really couldn't even do that. In the past, our operational norm was to keep live data for only 30 days. And they can not only do so from a security point of view, but even for operational use cases. That's really useful."

"Those 400 days of hot data mean that people can look for trends and at what happened in the past. And you can really quickly switch between using the GUI and using the code. Whatever you're doing, you see the code, what's happening.

"One of the biggest features of the UI is that you see the actual code of what you're doing in the graphical user interface, in a little window on the side.