Decoder: Services Config View - Files Tab

Document created by RSA Information Design and Development on Mar 22, 2017Last modified by RSA Information Design and Development on Sep 25, 2017
Version 3Show Document
  • View in full screen mode
  

This topic introduces the Decoder and Log Decoder configuration files that are visible in the Services Config view > Files tab.

The Decoder and Log Decoder configuration files are visible and editable in the Services Config view > Files tab. The Edit Core Services Configuration Files topic in the Hosts and Services Getting Started Guide provides general instructions for editing files.

Like other core Security Analytics services, both the Decoder and Log Decoder have an index file, and may also have a crashreporter, netwitness, and scheduler. The Decoder and Log Decoder index files are named index-decoder.xml and index-logdecoder.xml.

Note: This file type is available only for Log Decoder with Envision content installed. Table-map.xml and table-map-custom.xml will now show up but only if table-map.xml was found on the file system (e.g., it's a log decoder with envision content installed).

                             
FilenameDescription
GeoPrivate.iplThis fixed parser takes the IP addresses and converts them to geographical locations. The locations are displayed through the Google Earth display.
NwFlex.parserThis is a generic parser definition language for extending the existing application protocol support of the Decoder.
feed-definitions.xmlUsed to create custom feeds, this is the XML schema used by the Decoder to define a feed message when it creates a .feed file. 
search.iniThis is the Search Parser configuration file, The Search Parser is a custom parser, used to generate metadata by scanning for pre‐defined keywords and regular expressions.
wlan-config.xmlThis is the wireless LAN configuration file (9/9/2009). This file controls the 802.11 parsers. Its chief purpose is to control decryption of raw 802.11 frames captured by the Decoder.

Related Topics

Previous Topic:Upload Feeds Dialog
You are here
Table of Contents > References > Services Config View - Files Tab

Attachments

    Outcomes