RSA Security Analytics, Updates Needed for ESA Configuration

Document created by RSA Link Team Employee on Apr 28, 2016
Version 1Show Document
  • View in full screen mode


RSA is notifying customers of a configuration change impacting ESA in 10.5 and 10.6 environments.  This configuration is set to determine whether certain services utilize the system clock where ESA is deployed or event time. Dependent on rule logic applied, this setting could have an affect on customers alerts.


Affected Products:

RSA Security Event Stream Analysis upgraded to 10.5 and 10.6



RSA recommends all customers check and validate the setting on their ESA systems. Full instructions for how to check as well as steps to change and restart have been provided in KB article 32867.


For additional documentation, downloads, and more, visit the RSA NetWitness Platform on RSA Link


EOPS Policy:

RSA has a defined End of Primary Support policy associated with all major versions. Please refer to the link below for additional details.
Product Version Life Cycle