Note: Support for this Pack will be moved to the Partner on APRIL, 21, 2024.
RSA NetWitness Packets and Logs
- Details
- Content
- Dependencies
- Version History
RSA NetWitness Logs and Packets decoders are responsible for the real-time collection of network data. The decode captures data in real time and can normalize and reconstruct data for full session analysis. In addition, the decoder can collect flow and endpoint data.
Note: Support for this Pack will be moved to the Partner on APRIL, 21, 2024.
Automations
| Name | Description |
|---|---|
| NetwitnessQuery | Deprecated. No available replacement. Performs a query against the meta database |
NetwitnessSearch | Deprecated. No available replacement. Searches for matches in session/packet content |
Integrations
| Name | Description |
|---|---|
| RSA NetWitness Packets and Logs | RSA NetWitness Logs and Packets decoders are responsible for the real-time collection of network data. The decode captures data in real time and can normalize and reconstruct data for full session analysis. In addition, the decoder can collect flow and endpoint data. |
Automations
| Name | Description |
|---|---|
NetwitnessSearch | Deprecated. No available replacement. Searches for matches in session/packet content |
| NetwitnessQuery | Deprecated. No available replacement. Performs a query against the meta database |
Integrations
| Name | Description |
|---|---|
| RSA NetWitness Packets and Logs | RSA NetWitness Logs and Packets decoders are responsible for the real-time collection of network data. The decode captures data in real time and can normalize and reconstruct data for full session analysis. In addition, the decoder can collect flow and endpoint data. |
Required Content Packs (1)
| Pack Name | Pack By |
|---|---|
| Base | By: Cortex XSOAR |
Optional Content Packs (0)
| Pack Name | Pack By |
|---|
All level dependencies (1)
| Pack Name | Pack By |
|---|---|
| Base | By: Cortex XSOAR |
1.0.6 - 5844861 (July 23, 2023)
- 28397
- 27415
Download
Integrations
RSA NetWitness Packets and Logs
- Fixed an issue where the only possible option for SSL port was 56105.
- Added support for the useSSL parameter in all commands, allowing the selection of SSL with every port.
- Added the ability to output the result of the command netwitness-packets in the context data with the argument renderToContext.
- 28397
- 27415
Download
1.0.3 - R2146019 (December 21, 2021)
Scripts
NetwitnessQuery
- Updated the Docker image to: demisto/python:2.7.18.24398.
NetwitnessSearch
- Updated the Docker image to: demisto/python:2.7.18.24398.
PUBLISHER
PLATFORMS
Cortex XSOARCortex XSIAM
INFO
| Certification | Certified | Read more |
| Supported By | Cortex | |
| Created | December 7, 2020 | |
| Last Release | January 22, 2024 |
WORKS WITH THE FOLLOWING INTEGRATIONS:
