Recently made the jump to version 12.2 and centralized content management. Most content can be transferred over, but one thing that isn't straightforward is custom feeds. How do we create new custom feeds in the content library? There is no wizard dr...
How do I create a log parser for log files that are in JSON format? All the resources I've seen and the Log Parser Tool seem to only deal with syslog style logs where the whole message is on a single line however the event source I need a parser for ...
Hello, I have a threat intelligence platform based on OpenCTI. I would like to synchronise my indicators with my Netwitness platform but Netwitness does not support TAXII V2. Do you have any solutions? Thanks,
Hello everyone, I’m having issue extracting values from CEF log using lua parser. I’m trying to extract the user-agent string in full_request. For example:\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko...
Hi community, any idea you have to be able to detect the duration of an RDP session, I have used rules considering the correlation of login and logoff/disconnected events but I have not been able to achieve it, has anyone tried this use case before? ...
