RSA NetWitness Logs and Network Foundations 11.0

Document created by Joseph Cantor Employee on Dec 18, 2019Last modified by Joseph Cantor Employee on Jan 23, 2020
Version 7Show Document
  • View in full screen mode





In order to register for a class, you need to first create a Dell Education account

If you need further assistance, contact us


This On-Demand foundations course focuses on the core features and functions of the RSA NetWitness Logs & Network product for Administrators and Analysts.



This recorded training course provides a foundational overview of the core components of RSA NetWitness Logs & Network. Students gain insight into the core concepts, uses, functions and features of RSA NetWitness Logs & Network and also gain practical experience by performing a series of hands-on labs.



Anyone new to RSA NetWitness Platform.



24 hours


Prerequisite Knowledge/Skills

Students should be familiar with basic computer architecture, networking fundamentals and general information security concepts. Basic knowledge of the TCP/IP protocol stack is beneficial.


Course Objectives

Upon successful completion of this course, participants should be able to:

  • Describe the RSA NetWitness Logs & Network architecture, components and functions
  • Describe how metadata is created
  • Differentiate between meta keys, meta values, and metadata
  • Investigate data using simple and complex queries
  • Customize the investigation display
  • Filter data using rules
  • Create new meta values using Application and Correlation rules and RSA Live content
  • Create alerts using ESA and reporting rules to track potential threats
  • Create and manage incidents 











In order to register for a class, you need to first create a Dell Education account

If you need further assistance, contact us