
Does anyone have Cisco Firepower Manager custom parsers created?

Question asked by John Babio on Aug 31, 2017
Latest reply on Oct 11, 2017 by CHAD HEILIG

I downloaded the logs from RSA NetWitness, used the ESI tool to attempt to create parsers for the logs, then uploaded them following the proper directions. They refuse to get parsed properly: the security intelligence logs and the AMP alert/retrospective logs. I used the message ID of malware, which is either malware or retrospective. Any help would be greatly appreciated.
