Using REST API to pull events from concentrator
I am trying to user curl to pull data from our concentrator. it doesn't seem to want to work with curl. I am also not sure if i have the proper syntax. It works fine by manually going to the site at http://x.x.x.x:50105/sdk/packets the query i am trying to run is event.desc = 'ids_alerted' && time="2018-May-24 0:00"-"2018-May-24 23:20" and again it works fine using the manual page.
curl --user 'username:password'
- Community Thread
- Forum Thread
- restful api
- RSA NetWitness
- RSA NetWitness Platform
I've moved your question to the RSA NetWitness Platform" data-type="space space where it will be seen by the product's support engineers, other customers and partners. Please bookmark this page and use it when you have product-specific questions.
Alternatively, from the RSA Customer Support" data-type="space page, click on Ask A QuestionRSA NetWitness Platform" data-type="space on the blue navigation bar and choose . From there, scroll to and click Ask A Question. That way your question will appear in the correct space.
Try using the curl command below. It is modified to pull events for the entire day of May 24.
Please substitute your username/password and concentrator ipaddr.