Skip navigation
All Places > Products > RSA NetWitness Platform > RSA NetWitness Platform Online Documentation > Documents
Log in to create and rate content, and to follow, bookmark, and share content with other members.

Search for Specific Event Sources

Document created by RSA Information Design and Development on Apr 23, 2020
Version 1Show Document
  • View in full screen mode
 

In some cases, your Log Collector may contain a lot of pre-configured event sources for a specific collection protocol (for example File). If so, you can quickly search for one or more event sources based on address (IP/hostname) or name.

To search for one or more specific event sources:

  1. Go to Admin > Services from the NetWitness Platform menu.
  2. Select a Log Collection service.
  3. Under Actions, select actions menu  > View > Config to display the Log Collection configuration parameter tabs.
  4. Click the Event Sources tab.
  5. In the Event Sources tab, select any collection protocol/Config from the drop-down menu.

    Event Sources tab is displayed.

  6. From the Filter by Name / Address text field, enter an IP address or hostname and click Enter.

    Event sources that match the information entered into the search box are returned. For example, the image below shows a list of Check Point event sources whose names match the string checkpoint11.

Previous Topic:Basic Procedure
You are here
Table of Contents > Log Collection Basics > Search for Specific Event Sources

Attachments

    Outcomes