Skip to content
  • There are no suggestions because the search field is empty.

(Optional) Process Raw Syslog Data without Priority Field

(Optional) Process Raw Syslog Data without Priority Field(Optional) Process Raw Syslog Data without Priority Field

You have the option to process raw syslog data that does not contain a valid priority (PRI) field.

To configure a Log Decoder to process syslog without a Priority field:

  1. Go to netwitness_adminicon_25x22.png (Admin) > Services, select the Log Decoder service and netwitness_ic-actns.png> View > System.
  2. Select Stop Capture (netwitness_stopcapture.png).
  3. From the drop-down menu, where System is shown, select Explore.
  4. Select decoder > config.

  5. In the capture.device.params field, add the following text, and then click Enter to save the changes:

    requirePri=false

    netwitness_12.1_capturedeviceparams_1122.png

  6. From the drop-down menu, where Explore is shown, select System.
  7. Select Start Capture (netwitness_startcapturedr.png). The change takes affect after capture is restarted.