This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject

NetWitness Community

  • Home
  • Products
    • NetWitness Platform
      • Advisories
      • Documentation
        • Platform Documentation
        • Known Issues
        • Security Fixes
        • Hardware Documentation
        • Threat Content
        • Unified Data Model
        • Videos
      • Downloads
      • Integrations
      • Knowledge Base
    • NetWitness Cloud SIEM
      • Advisories
      • Documentation
      • Knowledge Base
    • NetWitness Detect AI
      • Advisories
      • Documentation
      • Knowledge Base
    • NetWitness Investigator
    • NetWitness Orchestrator
      • Advisories
      • Documentation
      • Knowledge Base
      • Legacy NetWitness Orchestrator
        • Advisories
        • Documentation
  • Community
    • Blog
    • Discussions
    • Events
    • Idea Exchange
  • Support
    • Case Portal
      • Create New Case
      • View My Cases
      • View My Team's Cases
    • Community Support
      • Getting Started
      • News & Announcements
      • Community Support Forum
      • Community Support Articles
    • Product Life Cycle
    • Support Information
    • General Security Advisories
  • Training
    • Blog
    • Certification Program
    • Course Catalog
      • Netwitness XDR
      • EC-Council Training
    • New Product Readiness
    • On-Demand Subscriptions
    • Student Resources
    • Upcoming Events
    • Role-Based Training
  • Technology Partners
  • Trust Center
Sign InRegister Now
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
NetWitness Discussions
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
  • NetWitness Community
  • Discussions
  • Topics with Label: RSA NetWitness Platform
  • Options
    • Mark all as New
    • Mark all as Read
    • Float this item to the top
    • Subscribe
    • Bookmark
    • Subscribe to RSS Feed
Showing topics with label RSA NetWitness Platform. Show all topics

Forum Posts

Create a Document

Centralized Content Management - Custom Feeds

Recently made the jump to version 12.2 and centralized content management. Most content can be transferred over, but one thing that isn't straightforward is custom feeds. How do we create new custom feeds in the content library? There is no wizard dr...

yesterday
|
Posted in NetWitness Discussions
drewjc by drewjc • Occasional Contributor
  • 19 Views
  • 1 replies
  • 0 likes

How To Create a Log Parser for JSON log files for next event source

How do I create a log parser for log files that are in JSON format? All the resources I've seen and the Log Parser Tool seem to only deal with syslog style logs where the whole message is on a single line however the event source I need a parser for ...

Friday
|
Posted in NetWitness Discussions
JeremyKerwin by JeremyKerwin • Valued Contributor
  • 71 Views
  • 0 replies
  • 0 likes

Synchronise OpenCTI with Netwitness

Hello, I have a threat intelligence platform based on OpenCTI. I would like to synchronise my indicators with my Netwitness platform but Netwitness does not support TAXII V2. Do you have any solutions? Thanks,

2 weeks ago
|
Posted in NetWitness Discussions
BaptOnfroy by BaptOnfroy • Contributor
  • 176 Views
  • 5 replies
  • 0 likes

Writing a parser to extract values from CEF log

Hello everyone, I’m having issue extracting values from CEF log using lua parser. I’m trying to extract the user-agent string in full_request. For example:\r\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko...

2023-04-24
|
Posted in NetWitness Discussions
tuongpham1 by tuongpham1 • New Contributor
  • 128 Views
  • 0 replies
  • 0 likes

Build a Report or Rule to detec RDP session duration

Hi community, any idea you have to be able to detect the duration of an RDP session, I have used rules considering the correlation of login and logoff/disconnected events but I have not been able to achieve it, has anyone tried this use case before? ...

2023-03-10
|
Posted in NetWitness Discussions
alespinosadlm by alespinosadlm • Contributor
  • 142 Views
  • 0 replies
  • 1 likes
  • « Previous
    • 1
    • 2
    • 3
    • …
    • 16
  • Next »
Labels
  • Case Portal 3
  • Documentation 3
  • EDR 1
  • Endpoint 1
  • Forums 4
  • Integrations 1
  • Knowledge Base 4
  • Other Topics 2
  • RSA NetWitness Endpoint 216
  • RSA NetWitness Orchestrator 21
  • RSA NetWitness Platform 80
  • RSA NetWitness Platform Integrations 11
Powered by Khoros
  • Blog
  • Events
  • Discussions
  • Idea Exchange
  • Knowledge Base
  • Case Portal
  • Community Support
  • Product Life Cycle
  • Support Information
  • About the Community
  • Terms & Conditions
  • Privacy Statement
  • Acceptable Use Policy
  • Employee Login
© 2022 RSA Security LLC or its affiliates. All rights reserved.