Deprecated. No available replacement. Performs a query against the meta database
RSA NetWitness Packets and Logs
- Details
- Content
- Dependencies
- Version History
RSA NetWitness Logs and Packets decoders are responsible for the real-time collection of network data. The decode captures data in real time and can normalize and reconstruct data for full session analysis. In addition, the decoder can collect flow and endpoint data.
Automations
| Name | Description |
|---|---|
| NetwitnessQuery | |
NetwitnessSearch | Deprecated. No available replacement. Searches for matches in session/packet content |
Integrations
| Name | Description |
|---|---|
| RSA NetWitness Packets and Logs | RSA NetWitness Logs and Packets decoders are responsible for the real-time collection of network data. The decode captures data in real time and can normalize and reconstruct data for full session analysis. In addition, the decoder can collect flow and endpoint data. |
Automations
| Name | Description |
|---|---|
| NetwitnessQuery | Deprecated. No available replacement. Performs a query against the meta database |
NetwitnessSearch | Deprecated. No available replacement. Searches for matches in session/packet content |
Integrations
| Name | Description |
|---|---|
| RSA NetWitness Packets and Logs | RSA NetWitness Logs and Packets decoders are responsible for the real-time collection of network data. The decode captures data in real time and can normalize and reconstruct data for full session analysis. In addition, the decoder can collect flow and endpoint data. |
Required Content Packs (1)
| Pack Name | Pack By |
|---|---|
| Base | By: Cortex XSOAR |
Optional Content Packs (0)
| Pack Name | Pack By |
|---|
All level dependencies (0)
| Pack Name | Pack By |
|---|
1.0.3 - R2146019 (December 21, 2021)
Scripts
NetwitnessQuery
- Updated the Docker image to: demisto/python:2.7.18.24398.
NetwitnessSearch
- Updated the Docker image to: demisto/python:2.7.18.24398.
1.0.2 - 7567740 (September 12, 2021)
Scripts
NetwitnessQuery
- Updated the Docker image to: demisto/python:2.7.18.24066.
NetwitnessSearch
- Updated the Docker image to: demisto/python:2.7.18.24066.
1.0.1 - 394234 (July 7, 2021)
Scripts
NetwitnessSearch
- Updated the Docker image to: demisto/python3:3.9.5.21272.
NetwitnessQuery
- Updated the Docker image to: demisto/python3:3.9.5.21272.
1.0.0 - 394036 (December 7, 2020)
RSA NetWitness Logs and Packets decoders are responsible for the real-time collection of network data. The decode captures data in real time and can normalize and reconstruct data for full session analysis. In addition, the decoder can collect flow and endpoint data.
PUBLISHER
Cortex
PLATFORMS
Cortex XSOARCortex XSIAM
INFO
| Certification | Certified | Read more |
| Supported By | Cortex | |
| Created | December 7, 2020 | |
| Last Release | March 1, 2023 |
WORKS WITH THE FOLLOWING INTEGRATIONS:
