How to apply Syslog filter on Local Collector/Decoder
I am getting unidentified logs from F5 and one of the solutions available on RSA KB is to filter that logs on Syslog filter.
But the issue is Syslog filter is only available on Remote Collector. Is there any way we can create a Syslog filter on Local Collector/Decoder to remove unwanted raw logs.
- Community Thread
- filter rule
- Forum Thread
- netwitness 11
- RSA NetWitness
- RSA NetWitness Platform
- syslog logs
I dont think that is possible.
this is how you can filter those from a VLC
but no filtering option exists on the LD that I am aware of.