Alerting: Import or Export Rules

Document created by RSA Information Design and Development on Sep 12, 2017Last modified by RSA Information Design and Development on Mar 27, 2018
Version 7Show Document
  • View in full screen mode
 

The topic provides instructions to import ESA rules from a NetWitness Suite instance and to export ESA rules to your hard drive so you can keep a local copy.

If you exported a rule in an earlier version of NetWitness Suite, the following conditions apply when you import the rule in version 10.5 or later:

  • Exported in version 10.3 – You cannot import rules to version 10.5 or later.
  • Exported in version 10.4 – You can import rules to version 10.5 or later.

Procedures

Import ESA Rules

  1. Go to CONFIGURE >ESA Rules > Rules tab.
    The Rules tab is displayed.
    Rules tab showing import option
  2. In the Rules Library toolbar, select Action icon > Import
    The Import ESA Rules dialog is displayed.
    Import ESA Rules dialog
  3. Click Browse to browse and select the file containing the ESA rules.
  4. Click Import

Export

  1. Select an ESA rule or multiple rules and select Action icon > Export in the Rule Library toolbar.
    A warning dialog is displayed.
  2. Click Yes.
    The Export Rules dialog is displayed.
  3. In the Enter File Name field, type a filename for the file with the ESA rules and click Export.
    The file is exported as a binary file to your machine.

Note: The binary file cannot be edited.

You are here
Table of Contents > Add Rules to the Rules Library > Working With Rules > Import or Export Rules

Attachments

    Outcomes