Event Data Transfer Tool 1.2 User's Guide




ESM 6.8c
ESM 6.9.1c
Comment List
  • Hello,

    I have been sending ESM events to Hadoop using a syslog CEF forwarder for some weeks and now I would like to send previous events from ESM to Hadoop. As the forwarder only works in real time, I'm testing this data transfer tool.

    I'm exporting the data (in cef, csv and keyvalue) to a file destination in order to check the fields exported, etc., and I found some differences in the fields:

    • The severity field of the CEF header is exported as text by the forwarder but as a number by the transfer tool (for example Low vs 1)
    • The categoryDeviceType field is exported as catdt by the forwarder but as categoryDeviceType by the transfer tool
    • The Custom Device * Label fields are exported with different names, for example lblString1Label instead of cs1Label
    • The content of some fields is wrong:
      • The Geo Latitude and Longitude fields don't have the decimal point. For example: slong=-3773956298 instead of slong=-0.3773956298
      • The IPv6 fields don't have the ':'. For example: c6a4=fe80000000000000025xxxxxx instead of c6a4=fe80:0:0:0:25xxxxxx

    I hope this information could help you in improving the tool.

    I've tested the tool with Express 4.0.
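
Added example, not part of the comment above and not code from the tool or its vendor: a small Python audit that parses a CEF line and reports the discrepancies the comment lists, so exported files can be checked before they are mixed with forwarder data in the same store. The sample lines are constructed, and the `lbl…Label` pattern is an assumption generalised from the single `lblString1Label` name in the comment.

```python
import re

# Constructed sample lines (vendor, product and values are made up for the example).
TOOL_LINE = ("CEF:0|ExampleVendor|ExampleProduct|1.0|100|Constructed event|1|"
             "categoryDeviceType=Firewall lblString1Label=Zone "
             "slong=-3773956298 c6a4=fe800000000000000250aaaaaaaaaaaa")
FWD_LINE = ("CEF:0|ExampleVendor|ExampleProduct|1.0|100|Constructed event|Low|"
            "catdt=Firewall cs1Label=Zone "
            "slong=-0.3773956298 c6a4=fe80:0:0:0:250:aaff:fe00:1")

KV = re.compile(r"(\w+)=(.*?)(?=\s+\w+=|$)")     # value runs up to the next key=
GEO_LIMIT = {"slat": 90, "dlat": 90, "slong": 180, "dlong": 180}
IPV6_KEY = re.compile(r"c6a\d")                   # CEF custom IPv6 address keys
LONG_LABEL = re.compile(r"lbl\w+Label")           # assumed from lblString1Label

def split_cef(line):
    """Return (seven header fields, extension dict) for one CEF line."""
    body = line[line.index("CEF:"):].rstrip("\r\n")
    parts = re.split(r"(?<!\\)\|", body, maxsplit=7)   # honour escaped pipes
    if len(parts) < 8:
        raise ValueError("incomplete CEF record")
    return parts[:7], dict(KV.findall(parts[7]))

def audit(line):
    """List the discrepancies from the comment that appear in this line."""
    header, ext = split_cef(line)
    found = []
    if header[6].strip().isdigit():
        found.append(("severity", "numeric value " + header[6]))
    for key, value in ext.items():
        if key == "categoryDeviceType":
            found.append((key, "long key name, forwarder uses catdt"))
        elif LONG_LABEL.fullmatch(key):
            found.append((key, "long label key name"))
        elif key in GEO_LIMIT and re.fullmatch(r"-?\d+", value):
            if abs(int(value)) > GEO_LIMIT[key]:
                found.append((key, "out of range, decimal point missing"))
        elif IPV6_KEY.fullmatch(key) and ":" not in value:
            found.append((key, "IPv6 address without colons"))
    return found

if __name__ == "__main__":
    for name, line in (("transfer tool", TOOL_LINE), ("forwarder", FWD_LINE)):
        print(name, audit(line))
```

The geo check only flags integers outside the valid latitude or longitude range, so a legitimate whole-degree value is not reported.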