Skip navigation

Log in to create and rate content, and to follow, bookmark, and share content with other members.

000031109 - How to view custom feed contents that are deployed to an RSA Security Analytics Log Decoder

Document created by RSA Customer Support

on Jun 14, 2016•Last modified by RSA Customer Support

on Apr 21, 2017

Version 4Show Document

Like • Show 0 Likes0
Comment • 0
View in full screen mode

Article Content

Article Number	000031109
Applies To	RSA Product Set: Security Analytics RSA Product/Service Type: Log Decoder, Security Analytics UI RSA Version/Condition: 10.4.1.0
Issue	There is no way to see the contents of a deployed custom feed via the Security Analytics UI.
Resolution	The contents of a custom feed can be viewed via the shell console on the Log Decoder appliance, following the steps below. Connect to the Log Decoder via SSH as the root user. Navigate to the directory where the feeds are stored. cd /etc/netwitness/ng/feeds/ Use the NwConsole utility to dump the custom feed contents. Note: Each time output file name should be different when running NwConsole command. NwConsole -c feed dump <feed_file_name> <output_file_name> Use the cat command to display the contents of the feed. If you are unsure of any of the steps above or experience any issues, contact RSA Support and quote this article number for further assistance.

Attachments

Outcomes

0 Comments

Recommended Content