This website uses cookies. By clicking OK, you consent to the use of cookies. Click Here to learn more about how we use cookies.
OK
Register Now
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Announcements

RSA enVision® Discussions

Browse the RSA enVision discussion board to get product help and collaborate with other users of RSA enVision.
areebasad
Beginner
Beginner
‎2013-02-26 12:49 AM

Windows Table

     Dears,

 

I need to parse a new windows event using ESI, the problem i can not find the Windows table to select events from, i found Windows accounting and windows level tables just.

In my reports i am using windows tables so any event i parsed ito the previous tables does not included in my reports! what could i do?

 

Regards

0 Likes
Reply
2 Replies
RSAAdmin
Beginner
Beginner
‎2013-02-28 09:47 AM

Hi Areeb,

 

If you have installed ESI, you require to update the content as well to bring t to the Content 2 level. After updating it will give you the Windows Table. Her eis what you need to do.

 

1. Download the latest ESU from RSA SCOL site.

2. On the machine where you have installed ESI, please run the following command

    <file path>\<ESU file name> -update_esi

 

Follow the steps and boom it'll update all the contents for ESI and you'll be able to find the Content 2 tables.

0 Likes
Reply
areebasad
Beginner
Beginner
‎2013-04-17 07:17 AM

     To enable the Windows table for your message on your ESI:

 

Go to File --> Preference --> RSA enVision Tables select/tick Show All 

Click Apply to save

 

This will make all tables available for your selected Event Source Class.

0 Likes
Reply
© 2021 RSA Security LLC or its affiliates.
All rights reserved.