This website uses cookies. By clicking OK, you consent to the use of cookies. Click Here to learn more about how we use cookies.
OK
Register Now
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

RSA enVision® Discussions

Browse the RSA enVision discussion board to get product help and collaborate with other users of RSA enVision.
RSAAdmin
Beginner
Beginner
‎2008-08-20 10:21 AM

String parsing examples & manuals

Good afternoon Folks

 

On a recent enVision training course it had been hoped that string parsing would be covered. Unfortunately it was not. Does anyone have examples of how this is done and implemented or even have a manual that would show each step of the process?

 

many thanks

 

Paul

New envision user

0 Likes
Reply
5 Replies
RSAAdmin
Beginner
Beginner
‎2008-08-20 12:07 PM

Hi Paul - string parsing in what context?

 

Is this for something UDS related or is it for a Windows application?

0 Likes
Reply
RSAAdmin
Beginner
Beginner
In response to RSAAdmin
‎2008-08-21 07:13 AM

Thanks for your reply.

 

String parsing is terms of:

 

message/event text is parsed and investigated for specific string (or word), if specific string is there an action is taken. i.e. an alert

 

I hope this answers your question.

 

thanks

Paul

0 Likes
Reply
RSAAdmin
Beginner
Beginner
In response to RSAAdmin
‎2008-09-04 01:25 PM

Paul,

 

It sounds like you just want to do a simple alert with a filter on one or more of the variables in the message.

 

High Level Overview of the Process:

Create a view

Add the desired devices

Add the desired events from those devices

Add filters to variables in those events

Apply any output actions desired

Finish the View

 

As far as the more in-depth details, refer to your enVision course materials

0 Likes
Reply
AlanLaurencelle
Employee
Employee
In response to RSAAdmin
‎2008-09-05 01:52 PM

Also, if I understand your question properly, I think you want to select all event categories in your statement level and then in the filter use content REGEX xxx.

 

 

0 Likes
Reply
RSAAdmin
Beginner
Beginner
In response to RSAAdmin
‎2008-09-16 04:16 AM

hi Matt

 

Thanks for your reply. You are quite right, all I want to do is read a message string and if I see "A!!" envision will do "X". However the course material does not cover what you have described. This level of skill was promised in the "advanced" course, which is, according to RSA training, "currently under development"

 

If you have anything you could email me, I would appreciate it.

 

Thanks

Paul

0 Likes
Reply
© 2020 RSA Security LLC or its affiliates.
All rights reserved.