Skip to content
Connection Guide

Connect Devo Without Breaking the Audit Trail

Use this guide to connect Devo or confirm the export-based path that fits your environment. Aurora keeps source, timestamps, ownership, and collection history attached so the first run becomes reusable proof instead of one-off setup work.

Connector Summary
Connection typeDirect connection
CategorySiem
Checklist4 steps
Want help with rollout?
We'll confirm what can be automated, what stays export-based, and how to keep the first evidence record clean.

First-Run Checklist

Use this sequence to connect Devo and make sure the first collection lands cleanly.

  1. 1
    Record the tenant-specific Devo API base_url and region for the deployment being onboarded.
  2. 2
    Store api_key, api_secret, and query_api_token for Query API access, and store alerts_api_token for read-only Alerts API access.
  3. 3
    Keep triggered-alert retrieval on the Query API credential path because the accepted package explicitly avoids assuming the Alerts API standalone token works for every triggered-alert request.
  4. 4
    Validate region-specific hostnames and token scopes in a sanctioned tenant before enabling scheduled sync.

Credentials and Secrets

The keys, secrets, or tokens Aurora uses to authenticate and collect proof.

api_keyapi_secretquery_api_tokenalerts_api_token

Recommended Access

Aurora only asks for the minimum read access needed for collection and checks.

Access requirements depend on the collection mode and scope you choose.