Hi All,
We are currently exploring the new option in Event source ---> Log Parser in NetWitness 11.1.0.1. Can anyone provide us more details on the usage? There is no related doc available. We are trying to streamline all the event sources and get the exact value out of this.
* How to populate the unknown logs in this field?
* How does this field help us to streamline the event logs?
* What is meant by Log Parsers on the left and Rules on the right?
This should get you started: ESM: Log Parser Rules Tab, until RSA finds time to fill up Log Parser Rules Tab, which has been sitting like that for 20 days now (not sure if it will be any different or a copy-paste).