Skip navigation
All Places > Products

RSA NetWitness Platform

Log in to follow, share, and participate in this community.

Recent Activity

Brian Dunphy
RSA NetWitness Tech Huddles are an ongoing series of online presentations that cover a wide range of technical topics specific to RSA NetWitness solutions, including detailed discussions and demonstrations of the latest features and offerings, how-to’s, tips and tricks, and more. Check the schedule below for upcoming topics.   All RSA NetWitness…
in RSA NetWitness Platform
Kelly Ahlers
Click to view contentA question has come up a few times on how someone could exclude certain machines from triggering NetWitness Endpoint Agent alerts easily.   This particular use case were their "Gold Images" which are used for deploying machines.  As part of a bigger vision for other server roles & rules, a custom meta key was created called Server.Role to hold… (Show more)
in RSA NetWitness Platform
Ray Blair
Where is the mapping defined between NetWitness and syslog messages?  For example if I want to see a failed ssh login on a RedHat system I could look for the following in /var/log/messages: #     type=USER_AUTH #     $msg contains the following; ‘op=PAM’  exe=”/usr/sbin/sshd”  res=failed #     acct=username can identify who performed the ssh… (Show more)
in RSA NetWitness Platform
Ben Taratoot
First, I'm a beginner with Netwitness so forgive me if my terminology is slightly off. I'm using the default ZScaler NSS parser from RSA. It has been working for some time. I just need to make a slight change. Currently the urlclass in the raw log is not mapped to any meta (as far as I can tell). The category meta currently shows its value equal… (Show more)
in RSA NetWitness Platform
vladimir rydvanov
Hello!   I can`t find document named RSA NetWitness Platform 11.4 Language Pack Release Notes.
in RSA NetWitness Platform
Denise Sposato
Welcome to Digiville, the bustling city where risk and security leaders come together to manage digital risk and enable business transformation. In this episode of “Good Morning Digiville,” RSA Portfolio Strategist Steve Schlarman will take you on a subway tour of Digiville’s Compliance neighborhood. There, he’ll meet up with RSA Risk Strategist… (Show more)
Ernie Castro
I recently integrated Office 365 logs into NetWtiness.  I installed all 5 parser packs and everything works fine.    I want to set up dashboards and enable some rules and would like to know a good baseline to start.   Has anyone made Office 365 dashboards? What do they display and what are some specific things to look for?   Are my current… (Show more)
in RSA NetWitness Platform
Stewart Gray
I've included a new meta key under index-concentrator-custom.xml to be indexed (and be searchable). Is it possible to have this meta information available for historical / old log data and not just new data? There is a doc here Rebuilding the Index which talks about reindexing, but i'm not 100% sure if it applies to new meta / modified meta. I… (Show more)
in RSA NetWitness Platform
Prasanna Madhushanka
Click to view contentHi,   We need to add our Checkpoint logs to RSA Engine. When we trying to pull cert in RSA event source following error occurred.Please help to resolve this matter.     We followed attached guideline for the configurations.Please assist to solve this.Thanks!
in RSA NetWitness Platform
Load more items