A repository to share and contribute event source log parsers for the NetWitness Log Decoder.
A log parser defines how a NetWitness Log Decoder identifies, parses, and extracts information from the events of a specific event source. These parser definitions are stored as an XML file, called an event source XML file, which is deployed on the NetWitness platform.
You can create a new event source parser for an event source that is not currently supported by NetWitness and share it with the NetWitness community. You can also edit an existing event source parser to add or edit definitions for events, or to correct errors. You may need to edit an event source parser in one of the following situations:
- You upgrade to a new version of an event source that contains new, updated, or deprecated event messages.
- You want to include additional definitions for existing events.
- You want to update the definition for an existing event in an event source parser.
- You want to correct errors in an event source parser.
GitHub members can contribute to the repository by adding or editing an event source parser and raising a pull request, which our engineers will review. Once approved, the change is merged into the master branch and becomes available to all users.
Please read the following guide to understand the GitHub workflow: https://guides.github.com/introduction/flow/
More information related to GitHub can be found here: https://services.github.com/on-demand/intro-to-github/
Forking Projects: https://guides.github.com/activities/forking/