000037643 - How to enable ping for business critical applications on RSA NetWitness devices

Document created by RSA Customer Support Employee on Jul 11, 2019
Version 1Show Document
  • View in full screen mode

Article Content

Article Number000037643
Applies ToRSA Product Set: NetWitness Logs & Network
RSA Product/Service Type: Core Appliance
RSA Version/Condition: 11.1.0,, 11.3.x
IssueBusiness utilizes monitoring with the use of ping and ICMP.  When business monitoring has priority over the risk of a denial of service attack you can adjust ip_tables to allow ping.
  1. SSH into the NetWitness device
  2. Edit the following file /etc/sysconfig/iptables-config

    and set



  3. Run the following command to add to iptables rules:

    iptables -I INPUT 1 -p icmp -j ACCEPT

  4. Restart or stop and start iptables service:
    service iptables stop

    service iptables start


    service iptables restart



NotesAdditional RSA community discussion on this subject can be found at the link below: