AnsweredAssumed Answered

How to upload custom logs to RSA NetWitness using the RESTful API if the decoder runs live capture?

Question asked by Guillaume Hana on Mar 4, 2019

Hello, I have custom logs that I would like to upload to rsa netwitness via the RESTful API. get the address and the port of my decoder but I have the following error message:" 400 Bad Request: Packet import can not execute while live capture is running". Actually in the documentation: RESTful API User Guide for RSA NetWitness® Platform 11.x 

 

it is well indicated on page 10 that: "Note: The DECODER cannot be competitively importing or capturing, or an error results."


How we can do ? Is it then necessary to dedicate a decoder to the reception of logs uploaded via API-REST ?

 

Best regards

Outcomes