Article Number
000002791
Applies To
RSA Product Set: Security Analytics, NetWitness
RSA Product/Service Type: Archiver
RSA Version/Condition: 10.4.x, 10.5.x
Platform: CentOS
O/S Version: EL6
Resolution
There are two options for extracting raw logs from the Archiver:
- Using Broker investigation from the Security Analytics UI.
- Using the attached saget.py script from the CLI.
Refer to the attached PDF for the process.