RSA, a Dell Technologies business, announces the release of RSA® NetWitness Log Parser Tool v1.1

Document created by RSA Product Team Employee on Jul 10, 2018. Last modified by RSA Product Team Employee on Jul 10, 2018.
Version 2

Dear Valued RSA Customer,


RSA, a Dell Technologies business, is pleased to announce the general availability of RSA NetWitness® Log Parser Tool v1.1. The RSA NetWitness Log Parser Tool provides an easy and convenient way to create, edit and deploy custom Log Parsers on the RSA NetWitness Log Decoder.


RSA NetWitness Log Parser Tool (NWLPT):

The RSA NetWitness Log Parser Tool (NWLPT) is a standalone graphical tool for creating and modifying event source parser definitions, which the RSA NetWitness Log Decoder uses to parse log events into normalized meta keys. Here are some of the scenarios where this tool can be helpful:



  • To easily create a parser for custom applications or niche event sources
  • To improve or modify existing parsers for a particular environment or specific use-cases
  • To validate logs against specific parsers without connecting to the RSA NetWitness platform
  • To deploy custom parsers across an RSA NetWitness environment



Release Notes: RSA NetWitness Log Parser Tool v1.1 Release Notes 


User Guide: Log Parser Tool v1.1 User Guide  


Download: RSA NetWitness Log Parser Tool v1.1 Downloads  (For Mac and Windows Platforms)


Free On-Demand Learning Course:  RSA NetWitness Log Parser Tool 



Feature Highlights in v1.1:

  • Visually Differentiate custom changes made to a Log Parser
  • Add/Edit/Delete ValueMaps
  • TAB Delimiter is now allowed under TagValMap Functionality
  • Direct Link to the RSA NetWitness Unified Data Model
  • Compatibility with latest versions of RSA NetWitness Log Decoder
  • Several Stability fixes


Feature Highlights in v1.0:

  • Workflow to Create Headers and Messages
  • Cloning of Headers and Messages
  • Validation Checks for Headers and Messages
  • Advanced Search and Filter on Parsers/Logs
  • Continuous-Parse and On-Demand Parse Modes
  • Deploy Parsers on Log Decoder directly from the tool
  • Auto Splitting of Large Log Files
  • Direct Link to RSA NetWitness Parser Community on GitHub and Help Documents
  • Parser can be Exported as a Live Resource for simultaneous deployment to multiple decoders
  • Loading Latest Table-Map/Table-Map-Custom Through the Interface
  • Periodic Automatic Saving of Parsers


The RSA NetWitness product team is committed to continuing to improve the user experience for NetWitness Logs.  Thank you to all the customers and individuals who provided feedback during the development phases.  We look forward to your continued collaboration.



For additional documentation, downloads, and more, visit the RSA NetWitness Platform page on RSA Link.


EOPS Policy:

RSA has a defined End of Primary Support policy associated with all major versions. Please refer to the Product Version Life Cycle for additional details.