.png?width=180&height=32&name=NW%20Logo%20(2).png){kind=small}
[Archive] How to extract raw logs from an Archiver appliance in NetWitness
Tasks
This article addresses how to extract raw logs from an Archiver appliance.
Resolution
There are two options to extract raw logs from the Archiver.- Using Broker investigation from Netwitness UI.
- Using the attached saget.py script from the CLI.
Refer to the attached PDF for the process. (Attachments are found on the Community link)
Internal Comments
Archiving and setting to Internal as the saget.py script no longer works in Alma Linux and has not been updated in 10 years.
Product Details
Product Set: NetWitnessRSA Product/Service Type: Archiver
RSA Version/Condition: 11.x, 12.x
Platform: CentOS, AlmaLinux
Approval Reviewer Queue
Technical approval queue