This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Register Now
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
NetWitness Platform Threat Intelligence Documentation
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Versions
Collections
All Downloads

Product Resources

Deploy Log Parsers in NetWitness 11.x

 

This procedure describes how to deploy Event Source Log Parsers from Live in NetWitness 11.x

  1. Go to CONFIGURE > Live Content.

  2. Browse Live for the Event Source Log Parsers that you need using Log Device as the Resource Type.

    The Event Source Log Parsers available for adding and updating display.

  3. Select the Event Source Log Parsers you want to deploy.

    You have the following two options when deploying Event Source Log parsers:

    • Individually.  You can select one or more Event Source Log Parsers to deploy. For example:

      DownloadIndvParsers_11x.png

    • Or as a bundle. Choose Bundle from the Resource Types, click Search, then select the Log Parser Pack that contains all Event Source Log Parsers that Security Analytics currently supports.
  4. Deploy the Event Source Log Parsers to the appropriate Log Decoders.

docFeedback.png

You are here

Table of Contents > Deploy Log Parsers in NetWitness 11.x

Was this article helpful? Yes No
No ratings

On this page

© 2022 RSA Security LLC or its affiliates. All rights reserved.