RSA NetWitness Log Parser Tool

Document created by Joseph Cantor (Employee) on Nov 11, 2019. Last modified by Joseph Cantor (Employee) on Nov 12, 2019.
Version 4

Access Training

 

 

In order to register for a class, you need to first create an EMC account

If you need further assistance, contact us

 

Summary

This course provides a demonstration of the steps used to create a log parser.

 

Overview

In this course you will learn how to create and deploy a log parser for a specific device by viewing demonstrations using the Log Parser Tool (LPT).


Audience

CS, PS, Customers, SE, Partners

 

Delivery Type
On-Demand Learning (self-paced eLearning)


Duration
30 minutes


Prerequisite Knowledge/Skills

 

Learning Objectives

Upon successful completion of this course, participants should be able to:

  • Describe the Log Parser Tool (LPT)
  • Identify the steps for creating a log parser using the LPT
  • Identify the steps for deploying the log parser in RSA NetWitness

 

Course Outline

  • Introduction to the NetWitness Log Parser Tool

  • Getting Started with Parser Creation

  • Creating Headers and Messages

  • On Demand versus Continuous Parsing

  • Using Functions for Enrichments

  • Choosing Variables

  • Generating a Parsing Report

  • Searching and Filtering

  • Deploying a Parser

  • Adding Unknown Messages

  • Using the TagValue Map Feature

 

 

 

 

 

 
