XML Parsing with Security Analytics & ESI
The last time that ESI was updated was in 2012.
I was wondering if ESI will be modified to fully function with Security Analytics.
Or are there any other tools that can be used to build XML based log parsers?
- Community Thread
- Forum Thread
- RSA NetWitness
- RSA NetWitness Platform
Ok. Quick Update here. I updated ESI with the latest event source update and although I can properly parse messages with my parser I get the following error message.
"Report is not generated because the message definition contains tags unsupported by ESI".
Any idea what causes this error message?
I even tried this with existing XML parsers with sample logs.
All the log messages were parsed on the header and message side.
Once, I try and run the Event Analysis Report. The Report completes but I get the following error for the message.
Report is not generated because the message definition contains tags unsupported by ESI.