This document will serve to aggregate useful how-to information for "Do-It-Yourself" creation of parsers and integrations for RSA NetWitness Platform. Please follow the page for updates using theActions menu above as we will be adding more content frequently. Also, please feel free to add comments below or click theSend Feedbackbutton to provide feedback, request new content or to let us know about any new posts which would be useful to reference here.
Instructions on properly configuring the custom table map to manage keys populated by log parsers. NOTE: Theindex-concentrator-custom.xmlfiles will sometimes also need to be modified to achieve indexing and full searchability of meta keys.
This is a sample python app that demonstrates how to use the RESTful API on NetWitness Core Services. For a background on how this tool came to be (and some useful explanations of the API functions), see this post: NetWitness NextGen RESTful Python Test App
You can also leave feedback in the comments below. Help us enable you to find creative solutions to your integration goals!