RSA NetWitness Lua Parsers for Logs-*Coming Soon*

Document created by Connor Mccarthy Employee on Oct 12, 2017
Version 1

Register Now

In order to register for a class, you need to first create an EMC account.
If you need further assistance, contact us.

Summary

This on-demand learning provides an introduction to RSA NetWitness Lua Parsers for Logs.

Overview

This On-Demand Learning course provides students with an overview of creating custom log parsers for RSA NetWitness using Lua. Topics include when to use a custom parser, the components of a Lua parser, how to create a Lua parser for logs, and basic troubleshooting.


Audience

Customer, PS, CS, ES, Partners

Delivery Type
On-Demand Learning


Duration
60 minutes


Prerequisite Knowledge/Skills

Knowledge of the following is required for attending this course:

  • General programming concepts, including local and global variables, conditional logic (if, then, else) and program loops (while, do), are highly suggested but not required
  • Use of a source code editor (such as Notepad++)
  • Basic understanding of the grep command in Linux
  • RSA NetWitness for Logs and Packets Introduction – eLearning
  • RSA NetWitness for Logs and Packets Foundations ILT
  • RSA NetWitness Logs Parser Overview – eLearning
  • RSA NetWitness for Logs and Packets Lua Parsers – eLearning

Learning Objectives

Upon successful completion of this course, participants should be able to:

  • Identify when the use of Lua is necessary for parsing and creating custom content
  • Understand and explain the use of RSA NetWitness meta callbacks
  • Understand and explain the use of the nw.getPayload(), tostring() and nw.LogInfo() functions
  • Understand and explain the use of basic Lua string pattern-matching
  • Create a custom log (device) parser for a supported event source using a Lua parser
  • Test a Lua log parser for use in RSA NetWitness for Logs
  • Deploy a Lua log parser for use in RSA NetWitness for Logs
  • Perform basic troubleshooting of a Lua log parser

Course Outline

  • Log Data Collection
  • When to use Lua for Log Parsing
  • Components of a Lua Parser for Logs
  • Creating Custom Log Parsers
  • Basic Troubleshooting
