000038661 - How to test the Connectivity between RSA NetWitness Endpoint Agents and Endpoint Server

Document created by RSA Customer Support Employee on Apr 6, 2020
Version 1Show Document
  • View in full screen mode

Article Content

Article Number000038661
Applies ToRSA Product Set: RSA NetWitness Platform
RSA Product/Service Type: Endpoint Log Hybrid
RSA Version/Condition:  11.3.x and 11.4.x
Platform: CentOS 7
IssueHow to test the Connectivity between Endpoint Agents and Endpoint Server for Endpoint Collection.
TasksThis article explains how to test the connectivity between the Endpoint Windows Agents and EndPoint Server on TCP/443 and UDP/444 used for EndPoint Collection.
ResolutionIn order to collect Endpoint data from the Agents, communication should be on TCP/443 and UDP/444 in the direction from the Agent to the EPLH Server as per Network Architecture and Ports (https://community.rsa.com/docs/DOC-83050).

So in order to test the communication, run the below commands on CMD:

C:\Users\Administrator>cd\
C:\>cd Windows
C:\Windows>cd System32
C:\Windows\System32>NWEAgent.exe/testnet


The output should be something like the below screenshot.

User-added image 

 
NotesFor Windows and File Log Collection, we need to open different ports.

Attachments

    Outcomes