Coming October 25: PeerSpot Awards will be announced! Learn more
2020-01-07T06:28:00Z
Miriam Tover - PeerSpot reviewer
Service Delivery Manager at PeerSpot (formerly IT Central Station)
  • 0
  • 26

What needs improvement with Devo?

Please share with the community what you think needs improvement with Devo.

What are its weaknesses? What would you like to see changed in a future version?

8
PeerSpot user
8 Answers
MU
IT manager at a tech services company with 1,001-5,000 employees
Real User
Top 10
2021-04-28T07:43:27Z
28 April 21

I need more empowerment in reporting. For example, when I'm using Qlik or Power BI in terms of reporting for the operations teams they also need analytics. They also need to report to the senior management or other teams. The reporting needs to be customized. You can build some widgets in terms of analytics and representations, however, I want to export these dashboards or these widgets in a PDF file. While you can explore everything as a PDF, it's not very complete. I am missing some customization capabilities in order to build a robust, meaningful report. The initial setup is a little complex. Technical support could be better. There do seem to be quite a few bugs within the version we are using. In the next update, I'd like it if they explain more about the Devo framework. The Devo framework is a tool inside the product. It's a prototype. It is a tool that provides to the customer a map of processes or a workflow, for example, with an HTML application with a front end. My understanding is that each component of this front attaches data with the queries. It might be customized. I'd like to generally understand this better. I'd like to understand DevoFlow. Up to now, usage could send data to the platform, retrieve it and enrich it by generating graphs and analytics. However, it's my understanding that Flow provides users the ability to process the data in real-time by defining complex workflows as soon as data arrives in the platform so that you can make analytics in a sequence. I'd like to better understand these new capabilities.

Art Faccio - PeerSpot reviewer
Director Cyber Threat Intelligence at IGT
Real User
Top 10
2021-03-03T19:20:00Z
03 March 21

If all of the connectors for the third-parties were there, it would be a solid 10. Everything else about it is right there. It's a newer product, so we knew going in that there would be some growing pains and that some things might not be available because not all third-parties would be included.

Chris Bates - PeerSpot reviewer
CISO at SentinelOne
Real User
Top 10
2021-02-16T23:39:00Z
16 February 21

There's room for improvement within the GUI. There is also some room for improvement within the native parsers they support. But I can say that about pretty much any solution in this space. Those are the standards where they need to improve because that's usually where they lag.

JerryH - PeerSpot reviewer
Director at a computer software company with 1,001-5,000 employees
Real User
Top 10
2020-11-03T07:14:00Z
03 November 20

Devo has a lot of cloud connectors, but they need to do a little bit of work there. They've got good integrations with the public cloud, but there are a lot of cloud SaaS systems that they still need to work with on integrations, such as Salesforce and other SaaS providers where we need to get access logs. We'll find more areas for improvement, I'm sure, as we move forward. But we've got a tight relationship with them. I'm sure we can get anything worked out.

Jordan Mauriello - PeerSpot reviewer
SVP of Managed Security at CRITICALSTART
MSP
2020-09-22T07:16:00Z
22 September 20

There is room for improvement in the ability to parse different log types. The breadth of overall log parsers that exists right now is an area that they could improve. Natively, there's more that could be done by Devo then what it can and can't understand from a parsing perspective. I would like to see Devo rely more on the rules engine, seeing more things from the flow, correlation, and rules engine make its way into the standardized product. This would allow a lot of those pieces to be a part of SecOps so we can do advanced JOIN rules and capabilities inside of SecOps without flow. That would be a great functionality to add.

JS
CEO at Panda Security
MSP
2020-03-24T08:12:00Z
24 March 20

There's always room to reduce the learning curve over how to deal with events and machine data. They could make the machine data simpler. Lookup tables could be used to minimize the performance impact in bringing together two different sources of data together and correlating them. This could be something that they could improve, but maybe this has already been fixed.

Learn what your peers think about Devo. Get advice and tips from experienced pros sharing their opinions. Updated: October 2022.
635,162 professionals have used our research since 2012.
MV
Security Analyst at Telefonica
Real User
2020-02-13T07:51:00Z
13 February 20

I don't use the Activeboards' visual analytics that much. I just look at the data, most of the time. The Activeboards feature is not as mature regarding the look and feel. Its functionality is mature, but the look and feel is not there. For example, if you have some data sets and are trying to get some graphics, you cannot change anything. There's just one format for the graphics. You cannot change the size of the font, the font itself, etc. You get a graphic that works well in some cases, but in other cases, the numbers are too small and you cannot do anything about it. Overall, the graphic presentation of data is okay, but I miss the basic functionality of being able to change how things look.

JayGrant - PeerSpot reviewer
Manager of Security Services at OpenText
MSP
2020-01-07T06:28:00Z
07 January 20

The only downfall that I have is it is browser based. So, when you start doing some larger searches, it will cause the browser to lock up or shut down. You have to learn the sweet spot of how much data you can actually search across. The way that we found around that is to build out really good Activeboards, then it doesn't render as much data to the browser. That's the work around that we use. As far as ingestion, recording, and keeping it, I've seen no issues. It comes down to some feature requests here and there, which is normal stuff with software. As a user, I may want to scroll through the filters, but the filter didn't allow scrolling at first. That's a feature that came in with version 6.

Related Questions
Miriam Tover - PeerSpot reviewer
Service Delivery Manager at PeerSpot (formerly IT Central Station)
Apr 27, 2022
How do you or your organization use this solution? Please share with us so that your peers can learn from your experiences. Thank you!
2 out of 14 answers
JayGrant - PeerSpot reviewer
Manager of Security Services at OpenText
07 January 20
I run an incident response, digital forensics team for OpenText. We do investigations into cyber breaches, insider threats, network exploitation, etc. We leverage Devo as a central repository to bring in customer logging in a multi-tenant environment to conduct analysis and investigations. We have a continuous monitoring customer for whom we stream all of their logging in on sort of a traditional Devo setup. We build out the active boards, dashboards, and everything else. The customer has the ability to review it, but we review it as well, acting as a security managed service offering for them. We use Devo in traditional ways and in some home grown ways. For example, if there is a current answer response, I need to see what's going on in their environment. Currently, I'll stream logs from the syslog into Devo and review those. For different tools that we use to do analytics and forensics, we'll parse those out and send that up to Devo as well. We can correlate things across multiple forensic tools against log traffic, network traffic, and cloud traffic. We can do it all with Devo. It's all public cloud, multi-factor authentication, and multi-tenant. We have multiple tenants built in as different customers, labs, etc. Devo has us set up in their cloud, and we leverage their instance. We are using their latest version.
MV
Security Analyst at Telefonica
13 February 20
Our primary use of Devo is as a SIEM, and then as a big-data platform. We do store a lot of data centrally, using the solution, and then we analyze it. The main purpose of the analysis is for security, to detect attacks, abnormalities, and to get an overall view of the health of the network. We deploy it on-premise. Devo mainly deploys in the cloud, but that's just not possible with our security policy.
Julia Frohwein - PeerSpot reviewer
Senior Director of Delivery at PeerSpot (formerly IT Central Station)
Apr 27, 2022
Hi, We all know it's really hard to get good pricing and cost information. Please share what you can so you can help your peers.
2 out of 12 answers
JayGrant - PeerSpot reviewer
Manager of Security Services at OpenText
07 January 20
It's a per gigabyte cost for ingestion of data. For every gigabyte that you ingest, it's whatever you negotiated your price for. Compared to other contracts that we've had for cloud providers, it's significantly less.
MV
Security Analyst at Telefonica
13 February 20
I'm not involved in the financial aspect, but I think the licensing costs are similar to other solutions. If all the solutions have a similar cost, Devo provides more for the money. Because we are running an in-house solution, there is the extra cost for us, when compared to the cloud, in maintaining our own hardware, and the level-one and -two support we are doing. But we feel we won't need consultants in the future, which we needed with Splunk where we paid extra for a more defined platform and doing the work. Devo is very well-documented and the platform is very open.
Related Articles
Netanya Carmi - PeerSpot reviewer
Content Manager at PeerSpot (formerly IT Central Station)
May 02, 2022
PeerSpot’s crowdsourced user review platform helps technology decision-makers around the world to better connect with peers and other independent experts who provide advice without vendor bias. Our users have ranked these solutions according to their valuable features, and discuss which features they like most and why. You can read user reviews for the Top 8 Log Management Tools to help you d...
Evgeny Belenky - PeerSpot reviewer
Director of Community at PeerSpot (formerly IT Central Station)
Jun 20, 2022
Hi PeerSpot community members, This is a fresh-from-the-oven Community Spotlight for you. Here, we've summarized and selected the latest posts (professional questions, articles and discussions) by PeerSpot community members. Check them out! Also, please share with us your feedback and suggestions by commenting below! Trending See what is trending at the moment and chime in to discuss! ...
Related Solutions
Related Articles
Netanya Carmi - PeerSpot reviewer
Content Manager at PeerSpot (formerly IT Central Station)
May 02, 2022
Top 8 Log Management Tools 2022
PeerSpot’s crowdsourced user review platform helps technology decision-makers around the world to...
Evgeny Belenky - PeerSpot reviewer
Director of Community at PeerSpot (formerly IT Central Station)
Jun 20, 2022
Community Spotlight #16
Hi PeerSpot community members, This is a fresh-from-the-oven Community Spotlight for you. Here, ...
Download Free Report
Download our free Devo Report and get advice and tips from experienced pros sharing their opinions. Updated: October 2022.
DOWNLOAD NOW
635,162 professionals have used our research since 2012.