Dear Team, CheckPoint IPS doesn't show up Destination IP address field
in raw logs or syslogs, But source IP is visible.(IPS logs do not
contain destination IP field) So, I am writing a rule to guess few IPS
destination IP addresses info from a IOC/F...
Hello Team, I am getting an error while executing the below advanced EPL
rule, please help me out.@RSAAlert(oneInSeconds=0)SELECT * FROM Event
(medium = 1AND device_type='checkpointfw1' AND ip_src IS NOT NULLAND
ip_dst IS NOT NULLAND action IS 'accep...
Hi Team, Recently did the version upgrade of the RSA to 11.3.2.0, Would
like to know whether we have the option to add the notes to all the
incidents selected while bulk closing them together. Is there any option
to do this.
RSA NetWitness 11.3 Documentation - Investigate & Respond RSA
NetWitness Platform 11.3" data-type="space RSA Customer Support"
data-type="space Hello, Meta key "feed.name" is not loading for more
than 3 hours time frame.I have subscribed to few RSA ...
Hi, Thanks for the reply.. Still a new error Syntax error in module.
Incorrect syntax near 'FOLLOWEDBY' expecting a closing parenthesis ')'
but found an identifier at line 11 column 2, please check the filter
specification within the from clause [@RS...
