Skip navigation
All Places > Products > RSA NetWitness Platform

RSA Content for the RSA NetWitness Platform

Log in to follow, share, and participate in this community.

Recent Activity

Set as default view
RSA Information Design and Development
RSA Information Design and Development mentioned RSA Content for the RSA NetWitness Platform 2 months ago Show mention context
Release Notes 11.4.1.3: Product Documentation
RSA Information Design and Development
RSA Information Design and Development mentioned RSA Content for the RSA NetWitness Platform 2 months ago Show mention context
Release Notes 11.4.0.1: Product Documentation 114321
William Motley
William Motley Employee in RSA Content for the RSA NetWitness Platform5 years ago (Show more)
PARSERS - A Treatise on Writing Packet Parsers for RSA NetWitness   If you're interested in learning to write your own custom packet parsers, this is the information you need.  It covers parser writing from the ground up.   It begins with the fundamentals, such as the of role parsers, what makes for good meta, and how parsers see sessions.  It…
in RSA Content for the RSA NetWitness Platform
Scott Marcus
Scott Marcus Employee in RSA Content for the RSA NetWitness Platform4 years ago (Show more)
in RSA Content for the RSA NetWitness Platform
RSA Product Team
RSA Product Team Employee in RSA Content for the RSA NetWitness Platform1 year ago (Show more)
Click to view content  RSA NetWitness Investigation MetaThis table lists all of the delivered RSA NetWitness Investigation meta. Meta Key Details analysis.file: autorun Registered by: autorun.nwr analysis.file: autorun debian package mismatch Registered by: autorun_debian_package_mismatch.nwr analysis.file: autorun file path not part of debian package…
in RSA Content for the RSA NetWitness Platform
RSA Information Design and Development
RSA Information Design and Development Employee in RSA Content for the RSA NetWitness Platform2 years ago (Show more)
Click to view contentWhen working with RSA Live ESA or the ESA Rule Builder, you should not need to know the EPL syntax used within the rules. However, if your use case exceeds the capabilities of either of these, you should become familiar with at least the basics of the EsperTech EPL language used with ESA. Note: NetWitness Platform 11.3 uses Esper 7.1. Earlier…
in RSA Content for the RSA NetWitness Platform
RSA Information Design and Development
RSA Information Design and Development Employee in RSA Content for the RSA NetWitness Platform4 years ago (Show more)
Click to view contentIn an ongoing effort to provide the best user experience, RSA periodically discontinues content (such as rules and reports). This is to keep pace with the ever evolving threat landscape, and to ensure our customers are not overwhelmed with stale information and ‘alert fatigue’. By tailoring content to current threats, we can help keep the systems…
in RSA Content for the RSA NetWitness Platform
RSA Information Design and Development
RSA Information Design and Development Employee in RSA Content for the RSA NetWitness Platform5 years ago (Show more)
Click to view contentThis table lists all of the delivered RSA NetWitness Rules. Note: For content that has been discontinued, see Discontinued Content. Display Name File Name Description Medium Tag 11.1-11.2 Autoruns and Scheduled Tasks from or referencing AppData 11.1-11.2 Autoruns and Scheduled Tasks from or referencing AppData Compliance Rule- Anti-Virus Signature…
in RSA Content for the RSA NetWitness Platform
RSA Information Design and Development
RSA Information Design and Development Employee in RSA Content for the RSA NetWitness Platform5 years ago (Show more)
Click to view contentThis topic lists the RSA NetWitness Reports. The reports are built upon rules and lists. When you download a report, all necessary RSA NetWitness Rules and RSA NetWitness Lists are also downloaded. You may, however, need to download supporting RSA Application Rules and parsers. Note: For content that has been discontinued, see Discontinued…
in RSA Content for the RSA NetWitness Platform
RSA Information Design and Development
RSA Information Design and Development Employee in RSA Content for the RSA NetWitness Platform5 years ago (Show more)
Click to view contentThis topic discusses and describes the packet (Lua) parsers available in RSA NetWitness Platform. If you need a parser that does not already exist, you can Request a Parser. Note: More information on each of these parsers is available in Live. Navigate to Live search, and select RSA Lua Parser in the Resource Types field. From the results, select…
in RSA Content for the RSA NetWitness Platform
Load more items