This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Register Now
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
NetWitness Discussions

List import via REST API

Go to solution
TomiReiman
Beginner
Beginner

‎2015-10-25 12:44 PM

Anyone know if it is possible import lists into RSA SA 10.5.x using the REST API? We are using a 3rd party platform for managing threat intelligence data and we can already utilize this data in our feeds using recurring feeds. However, it would be nice to be able to also import lists of indicators as lists for retrospective lookups.

0 Likes
1 ACCEPTED SOLUTION

Accepted Solutions

Go to solution
RSAAdmin
Beginner
Beginner

‎2015-11-17 03:00 PM

Hi!,

 

Not via REST, but it can be done by manually updating the zip in

/home/rsasoc/rsa/soc/reporting-engine/liststore/

 

Open a list, and save it. It'll update the timestamp on the back-end zip file. You then know which list is associated with which zip.

The LIST file in the zip is comma seperated list: very important: no CRLF at the end: One Line Only!. It'll show up OK in the GUI with a CRLF, but won't work.

View solution in original post

0 Likes
1 REPLY 1

Go to solution
RSAAdmin
Beginner
Beginner

‎2015-11-17 03:00 PM

Hi!,

 

Not via REST, but it can be done by manually updating the zip in

/home/rsasoc/rsa/soc/reporting-engine/liststore/

 

Open a list, and save it. It'll update the timestamp on the back-end zip file. You then know which list is associated with which zip.

The LIST file in the zip is comma seperated list: very important: no CRLF at the end: One Line Only!. It'll show up OK in the GUI with a CRLF, but won't work.

0 Likes
© 2022 RSA Security LLC or its affiliates. All rights reserved.