Article Number
000032251
Applies To
RSA Product Set: Security Analytics
RSA Product/Service Type: Archiver
RSA Version/Condition: 10.4.x, 10.5.x
Platform: CentOS
O/S Version: EL6
Task
This article addresses how to extract raw logs from an Archiver appliance.
Resolution
There are two options for extracting raw logs from the Archiver:
- Using Broker investigation from the Security Analytics UI.
- Using the attached saget.py script from the CLI.
Refer to the attached PDF for the process.