Skip navigation
Log in to follow, share, and participate in this community.

Recent Activity

RSA Information Design and Development
    This section provides detailed information about the NetWitness Platform supported antivirus (AV) vendors. Supported AV vendors: The following are the new AV vendors supported in NetWitness Platform version 11.4.0.1 or later. Panda Gdata Avast Carbonblack Dr.Web enSilo Invincea Rising SentinelOne…
RSA Information Design and Development
View PDF    System Configuration Overview  Standard ProceduresAccess System Settings  Configure Notification ServersNotification Servers Overview Configure the Email Settings as Notification Server Configure Script as a Notification Server Configure the SNMP Settings as Notification Server Configure a Syslog Notification Server  Configure…
RSA Information Design and Development
    Configure Centralized Audit Logging RSA NetWitness Platform collects audit logs from all the NetWitness services and aggregates it into a single file in a centralized location on the NetWitness Admin Server. This aggregated log file provides the advantage for faster access and easy analysis of the audit logs. The aggregated logs from all…
RSA Information Design and Development
    Global Audit Logging provides NetWitness Platform Auditors with consolidated visibility into user activities within NetWitness Platform in real-time from one centralized location. This visibility includes audit logs gathered from the NetWitness Platform system and the different services throughout the NetWitness Platform infrastructure. …
RSA Information Design and Development
Click to view content    In the Global Notifications panel, you can configure global notification settings for Notification Servers, Notification Outputs, and Notification Templates. On the Templates tab, you configure the templates for various notifications. The notification template defines the format and message fields of the notifications. You can select a…
RSA Information Design and Development
Click to view content    The Legacy Notifications Configuration panel provides the ability to configure syslog and SNMP notification settings. These configurations are used for Entitlement, legacy Event Source Management (ESM), Warehouse Connector monitoring, and Archiver monitoring. Procedures related to these settings are described in Configure Syslog and SNMP…
RSA Information Design and Development
    This topic provides instructions on how to configure notification servers. For ESA, notification servers are required to define an ESA rule. A notification server is also required to configure global audit logging. Global Notifications configurations define notifications settings for Event Source Management (ESM), Health and Wellness,…
RSA Information Design and Development
Click to view content    This topic provides instructions on how to configure Network Time Protocol (NTP) servers. NTP is a protocol designed to synchronize host machine clocks over a network.  For more information on NTP go to their home page (http://www.ntp.org/). Note: NetWitness Server Core hosts must be able to communicate with the NetWitness Server host with…
RSA Information Design and Development
Click to view content    This topic describes the Define Notification Server dialogs used to configure the settings of the various types of notification servers. You configure notification servers in the ADMIN > System > Global Notifications > Servers tab. Notifications are used by a variety of components in NetWitness Platform, such as Event Stream Analysis…
RSA Information Design and Development
    This topic describes the meta key variables that NetWitness Platform global audit logging supports. NetWitness Platform provides predefined global audit logging templates that you can use for your global audit logging configurations. For third-party syslog servers, you can define your own template format (CEF or non-CEF) using supported…
Load more items