Decoder: Services Config View - Files Tab

Document created by RSA Information Design and Development on Sep 13, 2017Last modified by RSA Information Design and Development on Oct 11, 2017
Version 6Show Document
  • View in full screen mode
 

The Decoder and Log Decoder configuration files are visible and editable in the Services Config view > Files tab. "Edit Core Services Configuration Files" in the Hosts and Services Getting Started Guide provides general instructions for editing files. (Go to the Master Table of Contents for Version 11.0 to find NetWitness Suite 11.0 documents.)

Like other Core services, both the Decoder and Log Decoder have an index file, and may also have a crashreporter, netwitness, and scheduler. The Decoder and Log Decoder index files are named index-decoder-custom.xml and index-logdecoder-custom.xml.

Note: This file type is available only for Log Decoder with Envision content installed. Table-map.xml and table-map-custom.xml will now show up but only if table-map.xml was found on the file system (for example, it is a log decoder with envision content installed).

What do you want to do?

                       
User RoleI want to...Documentation
Administratorobtain log files from pre-11.0 Log DecoderObtain Log Files a from Pre-11.0 Log Decoder
Administrator edit files and parsersFeed and Parser References

Related Topics

Quick Look

                               
FilenameDescription
GeoPrivate.ipl This fixed parser takes the IP addresses and converts them to geographical locations. The locations are displayed through the Google Earth display.
feed-definitions.xml Used to create custom feeds, this is the XML schema used by the Decoder to define a feed message when it creates a .feed file.
traffic_flow_options.lua Used to provide directionality information. Update this file with environment-specific internal and external subnets for the Lua parser to create proper directionality in metadata. The parser is described in RSA Content for RSA NetWitness Suite.
search.ini This is the Search Parser configuration file. The Search Parser is a custom parser, used to generate metadata by scanning for pre-defined keywords and regular expressions.
wlan-config.xml This is the wireless LAN configuration file (9/9/2009). This file controls the 802.11 parsers. Its chief purpose is to control decryption of raw 802.11 frames captured by the Decoder.
You are here
Table of Contents > Decoder and Log Decoder References > Services Config View - Files Tab

Attachments

    Outcomes