Skip navigation
All Places > Products > RSA NetWitness Platform > RSA NetWitness Platform Online Documentation > Documents
Log in to create and rate content, and to follow, bookmark, and share content with other members.

ESM: Details View

Document created by RSA Information Design and Development Employee on Sep 6, 2017Last modified by RSA Information Design and Development Employee on Sep 8, 2020
Version 20Show Document
  • View in full screen mode

The Details view allows you to see details about the Event Source, as well as viewing a sample of the logs identified for each type in order to verify their accuracy.

You can access the Details view in a couple of ways.

  • From the Toolbar, click the View Details button. Or, you can
  • Double-click on the Event Source you selected.


This workflow shows the overall process for configuring event sources.

What do you want to do?

RoleI want to...Documentation

View and modify event sources.

Managing Event Source Groups
Administrator*Acknowledge and map events sources. Acknowledging and Mapping Event Sources


Add and configure parser mappings for a Log Decoder

Manage Parser Mappings


View log parser details

Manage Parser Mappings


Troubleshoot event source management.

ESM Troubleshooting & Appendix

*You can perform this task here.

Related Topics

Viewing Logs from Pre-11.0 Log Decoder

Quick Look

The following example shows the discovery scores, event source types, logs, and attributes that correspond with the Event Source you selected in the Event Sources panel for a single Log Decoder.

Note: Device logs are only available for and above Log Decoders.

1Displays the address of the selected Event Source.
2Displays the potential type of the selected Event Source.

Displays the selected Event Source Mapping Type as Auto-Mapped, Manually Mapped, or None. Any changes to the Event Source Mapping are only displayed here.


Displays the discovery score for the selected Event Source type from least confident (0) to most confident (100).

5Displays timestamps for the last few logs that have been parsed to the selected Event Source Type.
6Displays the address of the Log Decoder that is parsing event sources.
7Displays the discovery score of the corresponding log.
8Displays logs for the selected Event Source type.
9Allows you to acknowledge that all the discovered Event Source types are correct.
10Allows you to set the appropriate parsers for selected Event Source addresses.
11Displays the Event Source Management attributes for the selected Event Source Type.

Previous Topic:Create/Edit Group Form
You are here
Table of Contents > Event Source References > Details View