on Nov 11, 2019
In order to register for a class, you need to first create an EMC account
If you need further assistance, contact us
Summary
This course provides a demonstration of the steps used to create a log parser.
Overview
In this course you will learn how to create and deploy a log parser for a specific device by viewing demonstrations using the Log Parser Tool (LPT).
Audience
CS, PS, Customers, SE, Partners
Delivery Type
On-Demand Learning (self-paced eLearning)
Duration
30 minutes
Prerequisite Knowledge/Skills
Learning Objectives
Upon successful completion of this course, participants should be able to:
- Describe the Log Parser Tool (LPT)
- Identify the steps for creating a log parser using the LPT
- Identify the steps for deploying the log parser in RSA NetWitness
Course Outline
Introduction to the NetWitness Log Parser Tool
Getting Started with Parser Creation
Creating Headers and Messages
One Demand versus Continuous Parsing
Using Functions for Enrichments
Choosing Variables
Generating a Parsing Report
Searching and Filtering
Deploying a Parser
Adding Unknown Messages
Using the TagValue Map Feature
In order to register for a class, you need to first create an EMC account
If you need further assistance, contact us