on Jun 14, 2016Article Content
| Article Number | 000026502 | |||||||||||||||||||||||||||||||||||||||
| Applies To | RSA Product Set: NetWitness Logs & Network, Security Analytics RSA Product/Service Type: Broker, Concentrator, Archiver, Log Decoder, Decoder RSA Version/Condition: 10.6,11.0,11.1, 11.2, 11.3 Platform: CentOS 6, CentOS 7 | |||||||||||||||||||||||||||||||||||||||
| Issue | How to start and stop capture and aggregation on RSA NetWitness appliances using NwConsole. How can I stop and start aggregation on my concentrator, archiver, or broker appliance from the command line? What is the method for stopping and starting capture on my decoder or log decoder device from NwConsole? | |||||||||||||||||||||||||||||||||||||||
| Tasks | NwConsole is a utility that can be used to communicate to a core service as if you were using the UI or the explore view. This is a command-line alternative to executing commands. | |||||||||||||||||||||||||||||||||||||||
| Resolution | The following commands may be used to start and stop aggregation or capture on RSA NetWitness core appliances using NwConsole. They rely on you knowing the service level passwords for the users. These service-level users exist on the View > Security tab for each of the core services.
If you are unsure of any of the commands above or experience any issues, contact RSA Support and quote this article ID for further assistance. | |||||||||||||||||||||||||||||||||||||||
| Legacy Article ID | a66530 |