Good Afternoon,
I am in the process of converting from RSA enVision to the more powerful RSA Security Analytics for logging. There are a massive amount of reports that are currently running within enVision, but would like to run in Security Analytics. What is the best way to get those reports into Security Analytics? Thank you for your time.
V/r
James
Hi James
Our upcoming release of Security Analytics 10.2 will include a set of utilities called "enVision Transition Tools". The transition tools are designed to inspect a given enVision deployment, inspecting the collection configuration as well as the reports. For collection, the tool will create a file format that can be bulk loaded into the SA Log Collector, elininating the need for you to retype hundreds of credentials or IP address. For enVision reports, the tool will inspect each report, and if the report can be directly converted to Security Analytics syntax then the tool will emit the RULE needed to create the report. If the report cannot be converted then the tool will describe what parts of the report cannot be carried over.