Arbitrary Data Import
The Snare Central can attempt to import arbitrary log data that is text-based, and uses newline (or newline/carriage-return) characters to mark the boundary between different lines. Logs of this format will be imported to either the 'GenericLog' or 'GenericSyslog' data sources, with dates either derived from the uploaded data (if available), or specified within the import form.
Choose up to 9 files to import at once.
| Info |
|---|
|
Snare Data Import
Data that has been exported to optical, or USB media, can be called back into the Snare Central for forensics analysis by this objective.
Alternatively, in situations where a Snare Agent has been configured to log to a local file, rather than, or in addition to, sending log data directly back to a Snare Central for analysis, such files can be uploaded to the Snare Central from this interface by selecting the 'Upload Snare Agent exports' button.
...