000029821 - How to identify which ESU version is installed on an RSA Security Analytics Log Decoder

Document created by RSA Customer Support Employee on Jun 14, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000029821
Applies ToRSA Product Set: Security Analytics
RSA Product/Service Type: Log Decoder, Log Collector
RSA Version/Condition: 10.3.x, 10.4.x
Platform: CentOS
O/S Version: EL6
TasksTo identify the current Event Source Update (ESU) version that is present in the RSA Security Analytics environment, connect to the Log Decoder appliance via SSH and issue the command below.
[root@LDecoder ~]# cat /etc/netwitness/ng/envision/etc/esu-ver.dat

The output of the file is a timestamp in the following format:  YYYYMMDD-HHMMSS

Therefore, in the example above, the Event Source Update (ESU) that is present on the appliance was obtained on August 21st, 2014 at 10:58:04.