looking to parse out sha2 value using LPT
Nothing quite fits parsing out the sha2 value in our malware alert we receive. I see ioc is a meta value but it looks like its based on ip's and domains from a list.
- Community Thread
- custom log parser
- Forum Thread
- log parser community
- Log Parser Tool
- RSA NetWitness
- RSA NetWitness Platform
I have moved this thread to the RSA NetWitness Suite" data-type="space so that you can get an answer to your question.
not clear as to your question... please provide sample log and what you are trying to parse.
Is this a syslog message from the MA service that you are trying to parse? if so please provide the syslog message. if its from another system please provide that syslog event