To generate an agent packager to collect endpoint data from hosts:
Log in to NetWitness Platform.
Type https://<NW-Server-IP-Address>/login in your browser to get to the NetWitness Platform Login screen.
Enter the values in the following fields:
Displays all the available Endpoint servers in the deployed. Endpoint Server Forwarder (Optional) The optional Endpoint Server Forwarder allows you to enter an alternative Fully Qualified Domain Name (FQDN) or IP address on which the sever can be reached in the case that agents need to go through a NAT or similar in order to reach the Endpoint Server. If specified forwarder is not available, agent will eventually fall back to the packaged address. HTTPS Port Port number. For example, 443.
Determines how the agent validates the Endpoint Server certificate:
- None – The agent will not validate the server certificate.
- Certificate Thumbprint – default selection. The agent identifies the server by validating the thumbprint of the Root CA of the server certificate.
Certificate Password Password used to download the packager. The same password is used while generating the agent installer. For example, netwitness. Auto Uninstall Date and time the agent automatically uninstalls. You can leave it blank if not required.
Overwrites the installed Windows agent regardless of the version. If this option is not selected, the same installer can be run multiple times on a system, but installs the agent only once.
If you enable this option, make sure that you provide the same service name and driver service name as the previously installed agent, while creating a new agent.
After you move an agent from one deployment to another, using Force Overwrite to change the agent incurs an 8-hour delay in communication between the agent and its Endpoint Server on the new deployment. To eliminate the delay, uninstall the agent from the old deployment, and reinstall the agent on the new deployment.
Service Name Name of the agent service. For example, NWEAgent.
Display name of the agent service. For example, RSA NWE Agent.
Description Description of the agent service. For example, RSA NetWitness Endpoint.
Driver Service Name
Name of the driver service. For example, NWEDriver.
Driver Display Name Display name of the driver service. For example, RSA NWE Driver. Driver Description Description of the driver service. For example, RSA NetWitness Endpoint Driver. Generate Agent Generates an agent packager.
Click Generate Agent.
This downloads an agent packager (AgentPackager.zip) on the host where you are accessing the NetWitness Platform user interface.
Table of Contents > Generate an Agent Packager