RSA NetWitness Logs and Packets Lua Parsers

Document created by Elizabeth Maloney Employee on Oct 3, 2016Last modified by Elizabeth Maloney Employee on May 1, 2017
Version 5Show Document
  • View in full screen mode

Register Now

 

 

 

In order to register for a class, you need to first create an EMC account
If you need further assistance, contact us

Summary

This self-paced on-demand learning will serve as an introduction to RSA NetWitness Packets LUA Parsers. It is suitable for the RSA NetWitness Analyst interested in better understanding how packet parsers work and becoming familiar with the process of writing their own custom packet parser.

 

Overview

This self-paced on-demand learning will serve as an introduction to RSA NetWitness LUA Packet Parsers. It is suitable for the RSA NetWitness Analysts and Administrators interested in better understanding how packet parsers work and becoming familiar with the process of writing their own custom packet parser.

 

Audience
Anyone interested in creating RSA NetWitness Lua Packet Parsers


Delivery Type
On-Demand Learning


Duration
90 minutes

 

Prerequisite Knowledge/Skills
Students should have completed the following courses (or have equivalent knowledge) prior to taking this training:

 

Course Objectives
Upon successful completion of this course, participants should be able to:

  • Describe business and technical reasons for creating custom packet parsers
  • List the types of parsers and briefly describe the LUA packet parser type
  • Discuss an architectural overview of Packet Parsers
  • Describe how parsers work with sessions
  • Describe how many parsers run on the same session
  • Describe a very simple example of the required parts, sequence, and syntax of a LUA Packet Parser
  • Discuss steps of designing , writing, and deploying a Packet Parser
  • Review additional resources and approaches to learning how to write your own custom LUA packet parser

 

Course Outline

  • Introduction
  • Architectural View of Packet Parsers
  • Parser Types
  • Overview of the Packet Parser
  • Packet Parsers 101
  • Packet Parsers – Flex Versus Lua
  • The Way that Packer Parsers Work
  • Simple Lua Packet Parser Example: 1
  • Passing Arguments Example: 2
  • Types of Callbacks
  • JPEG Parser Example: 3
  • Parser with a Variable Example: 4
  • Phases of Development of a Custom Packet Parser
  • Resources and Next Steps

Register Now

 

 

 

In order to register for a class, you need to first create an EMC account
If you need further assistance, contact us

Attachments

    Outcomes