AnsweredAssumed Answered

How to upload custom logs to RSA NetWitness using the RESTful API if the decoder runs live capture?

Question asked by Guillaume Hana on Mar 4, 2019
Latest reply on Mar 6, 2019 by Guillaume Hana

Hello, I have custom logs that I would like to upload to rsa netwitness via the RESTful API. get the address and the port of my decoder but I have the following error message:" 400 Bad Request: Packet import can not execute while live capture is running". Actually in the documentation: RESTful API User Guide for RSA NetWitness® Platform 11.x 


it is well indicated on page 10 that: "Note: The DECODER cannot be competitively importing or capturing, or an error results."

How we can do ? Is it then necessary to dedicate a decoder to the reception of logs uploaded via API-REST ?


Best regards