Skip navigation
All Places > Products > RSA NetWitness Platform > RSA NetWitness Platform Online Documentation > Documents
Log in to create and rate content, and to follow, bookmark, and share content with other members.

ESM: NetWitness Event Sources

Document created by RSA Information Design and Development Employee on Apr 10, 2019Last modified by RSA Information Design and Development Employee on Apr 23, 2020
Version 5Show Document
  • View in full screen mode
 

Event sources are network sources that send information about events to the RSA NetWitness Platform. They can be physical devices, such as laptops, network switches or firewall, and virtual or cloud-based applications, such as VMware. For example:

  • An Apache HTTP Server
  • Amazon Web Services CloudTrail
  • A Barracuda Web Application Firewall
  • A connection to Dropbox
  • An Oracle Database
  • A VMware vCenter Server

You first configure all of your event sources so that they can communicate with the NetWitness Platform. RSA provides configuration guides for many common event sources, using a variety of collection methods (such as Syslog or file collection). After you have your event sources configured, use the information in this guide to manage them going forward.

You are here
Table of Contents > NetWitness Event Sources

Attachments

    Outcomes