Skip navigation
Log in to follow, share, and participate in this community.

Recent Activity

RSA Information Design and Development
View PDF    Overview Agent Modes Endpoint Log Hybrid Configuration Deploy Endpoint Application Rules and ESA Correlation Rules Setup Meta Forwarding to Log Decoder Endpoint Sources Create Groups and Policies Manage Groups Manage Policies Configure Data Retention Policy Manage Inactive Agents (Optional) Install and Configure Relay Server Configure…
RSA Information Design and Development
Click to view content   In the Relay Server tab, you can download and configure Relay Server . To access this view:   Go to ADMIN > Services. In the Services view, select Endpoint Server. Click and select > View > Config. Click the Relay Server tab. Workflow   What do you want to do?                        User Role I want to ... Show me how Administrator…
RSA Information Design and Development
Click to view content   Note: The information in this topic applies to RSA NetWitness Platform Version 11.1 and later. NetWitness Platform provides an endpoint detection and response solution that continuously monitors the behavior of all endpoints in the network to provide deep visibility and analysis of executables and processes. It helps to detect new, unknown,…
RSA Information Design and Development
   Note: The information in this topic applies to RSA NetWitness Platform Version 11.3 and later. You must configure the location to download the files from hosts to the Endpoint server. To configure, make sure that you have endpoint-server.configuration.manage permissions. Create a directory in the Endpoint server and provide write…
RSA Information Design and Development
Click to view content   Note: The information in this topic applies to RSA NetWitness Platform Version 11.3 and later. You can view group details, edit group details, filter endpoint groups, delete groups, and edit group ranking. For details on how to create groups, see Create a Group. View Group Details To view properties of the selected group: Go to ADMIN >…
RSA Information Design and Development
Click to view content   An administrator can configure the retention policies to retain the Endpoint data based on the age or the storage size. By default, days and size-based retention policies are enabled. To change the configuration for age-based retention: Go to ADMIN > Services In the Services view, select the Endpoint Server service. Click and select >…
RSA Information Design and Development
Click to view content   In the General tab, you can configure the Endpoint metadata forwarding for multiple endpoint servers. To access this view:   Go to ADMIN > Services. In the Services view, select Endpoint Server for which you want to configure the metadata forwarding. Click and select > View > Config. Click the General tab.   Workflow What do you want…
RSA Information Design and Development
Click to view content   You can configure the Endpoint Metadata for the NetWitness Endpoint 4.4.0.2 by integrating the Meta Integrator service in the NetWitness Endpoint 4.4.0.2 directly to a Log Decoder. You can view the Endpoint metadata in the Investigate > Navigate and Event Analysis view. This integration includes the following steps: Enabling the NetWitness…
RSA Information Design and Development
   This section is intended to help you understand the purpose of the Services Config View for the Endpoint Server. For each configuration, there is a brief introduction and a What Do You Want To Do table with links to related procedures. In addition, it includes workflow and Quick Look sections to highlight important features in the user…
RSA Information Design and Development
Click to view content   This topic provides the high-level tasks required to configure the Endpoint Log Hybrid.                                                         Tasks Description Install the Endpoint Log Hybrid See the Physical Host Installation Guide and Virtual Host Setup Guide. Deploy Application and ESA Rules See Deploying Endpoint Application Rules and…
Load more items