000031297 - windows legacy collectore No category file,,No description string found

Document created by RSA Customer Support Employee on Jun 14, 2016Last modified by RSA Customer Support Employee on Apr 22, 2017
Version 3Show Document
  • View in full screen mode

Article Content

Article Number000031297
Applies ToRSA Product Set: Security Analytics
RSA Product/Service Type: Windows legacy collector
RSA Version/Condition: 10.5.x
Platform: CentOS
Platform (Other): log collection
O/S Version: EL6
Issuesome unknown events from windows legacy collector include the following line No category file,,No description string found
CauseStrings folder in log decoder is not updated
Resolution1- login to SA UI
2- from live search type the following as per attached screenshot
User-added image
and deploy it to your log decoder
3- this will update this file (strings) in the following folder in log decoder
/etc/netwitness/ng/logcollection/content/transform/windowslegacy
if issue still persist please contact RSA Support
 

Attachments

    Outcomes