Live Feedback: Learn More

Document created by RSA Information Design and Development on Feb 12, 2019Last modified by RSA Information Design and Development on Jul 9, 2019
Version 3Show Document
  • Comment0
  • View in full screen mode
 

RSA Live Feedback collects information and makes it available to RSA to better understand your license usage and version of hosts deployed. This information provides RSA with insights on the NetWitness deployments and helps make decisions such as when to extend support or deprecate certain versions, what new features and enhancements to prioritize in the upcoming releases.

All information collected will be sent securely to RSA and will remain confidential.

Deployment and License Information

License usage details is collected to understand the compliance with the license purchased and usage trends.

In case of Endpoints, details on the number of agents on which operating system the agent is installed. It also collects information about how many of the deployed agents are active.

In case of UEBA deployments, details like number of users per day, and how many users are active.

Product version of host information of NetWitness Platform and components is collected. For example, version of Concentrators, Decoders in your deployment.

Information Collected

Live Feedback collects the following component metrics information:

                                               
ComponentsInformation Collected

Endpoint Server

 

Version

Uptime

Running Since

Usage:

  • Number of agents deployed.

OS Used:

  • WinHosts
  • LinuxHosts
  • MacHosts
  • Total Hosts

UEBA  Server

 

Version

Uptime

Running Since

User Information:

  • Daily Active Users Count

Alert

  • Daily Alerts Created Count,
  • Daily Events Processed Count,
  • Daily Alert Indicators Created Count
  • Daily Smarts Created Count,
  • Daily Smart Indicators Created Count, 

Concentrator

 

Version

Uptime

Running Since

Decoder

 

Version
Uptime

Running Since

ESA Analytics Server

 

Version

Uptime

Running Since

 

Log Decoder

 

Version

Uptime

Running Since

Archiver

 

Version

Uptime

Running Since

ESA Correlation Server

Version of ESA Correlation Server

General Service Stats:

Service Version,

Uptime,

running since

 

Stats for each Rule:

AlertStatementFired

Deployed

DeployedTimestamp

Enabled

EventsMatch,

Id,

LastTimeAlertFired,

MetricStatementFired,

ModuleType,

RuleEngineStatementFired,

RuleId,

RuleType,

StatementFired,

CpuLockedTimeNanos,

CpuLockedTimePercentage,

MemoryUsage

 

Stats for Deployments:

Enabled

MaxEventsPerSecond

ProcessedEvents

ProcessedEventsRate

StatementMetricsEnabled

Id

InstanceId

Running

 

Stream Stats:

BufferSize

Clause

ConnectionTimeOut

DotsToUnderscores

EventSourceId

Id

LagTime

Mechanism

MinutesBack

MultiValued

MultiValuedAsArray

Polling

PollingFifteenMinuteRate

PollingFiveMinuteRate

PositionTracking

ReaderBufferSize

SocketTimeout

SourcePollInterval

StartSessionId

TcpNoDelay

TimeBatchInSeconds

TimeMeasuredInSeconds

TimeMetaField

TimeOrdered

UseEventTimeForEsper

 

Stream Sources stats:

Current Time

LastReceivedSessionId

LastReceivedTimestamp

Module

Service Status

Session Last Id

Session Rate

Session Written Last Hour

SessionsBehind

State

Version

Other Services

Version of any other deployed services

Uptime

Running Since

You are here
Live Feedback

Attachments

    Outcomes

      Visibility: RSA NetWitness Platform Online Documentation61 Views
      Last modified on Jul 9, 2019 11:15 AM
      Ratings: