RSA NetWitness Logs and Packets: Introduction to Troubleshooting for Customers

Document created by Craig Hansen Employee on Feb 1, 2016Last modified by Elizabeth Maloney on Oct 4, 2016
Version 11Show Document
  • View in full screen mode

Register Now


This on-demand learning provides an introduction to troubleshooting RSA NetWitness Logs and Packets.




This self-paced on-demand learning will improve your understanding of how to troubleshoot RSA NetWitness Logs and Packets 10.4. Through a series of interactions and “just-show-me” video demonstrations, this course will answer common questions about troubleshooting RSA’s NetWitness Logs and Packets and provide you with the concepts needed to begin troubleshooting on your own.


The content is specific to NetWitness Logs and Packets (formerly Security Analytics) version 10.4. However, there is a lot of commonality between versions and some of the things that you learn may be used to troubleshoot older or newer versions of NetWitness Logs and Packets. Please keep this in mind as you proceed because there may well be variances based on the version.



RSA Customers


Delivery Type

On-Demand Learning



2.5 hours


Prerequisite Knowledge/Skills

Students should have the following skills or knowledge prior to attending class:

  • Familiarity of a general troubleshooting methodology
  • Basic understanding of networking concepts
  • Familiarity with Linux, Java, scripting, and computer hardware
  • Basic experience with RSA NetWitness Logs and Packets


Course Objectives

Upon successful completion of this course, participants should be able to:

  • Describe NetWitness Logs and Packets troubleshooting strategies & basic-practices
  • Identify techniques to troubleshoot several specific NetWitness Logs and Packets issues after viewing videos
  • Describe an overall approach to troubleshooting Security Analytics
  • Describe general IT troubleshooting, complexity of NetWitness Logs and Packets, need to look beyond the UI
  • Describe the NetWitness Logs and Packets core components
  • Describe the flow of data throughout an NetWitness Logs and Packets environment
  • Describe the life cycle/processing of data
  • Identify the interaction between components
  • Identify common issues with core components


Course Outline

  • Introduction
  • Component Architecture
  • Data Flow
  • Platform Overview
  • Life-Cycle of Data
  • Starting Points: Issues with Components Interacting
  • Assessment
  • Course Evaluation

Register Now