Currently we using RSA Netwitness 220.127.116.11 in our organization. So we have archiver which is deployed for log retention. At present we having 5 months of log data stored in archiver. We have the below requirement.
1) Management is asking 3 months of log data from archiver in human readable format lets say in .log or .csv format. Kindly suggest us on this. We haven't configured any aggregation polices on archiver for data collection. By default all the log data s are get aggregated.
2) If log data export is not possible what is the mechanism to read the archiver data ? Is there any component we need to deploy for reading archiver data ?
Looking forward for response.
Counsultant (Cognitive SOC)
Inspirisys Solutions Limited, India.