This on-demand lab presents an overview of troubleshooting steps and tips for RSA NetWitness Endpoint..
This self-paced on-demand lab examines common troubleshooting issues customers face in RSA NetWitness Endpoint implementations. You will first be presented with a common troubleshooting methodology framework in the context of RSA NetWitness Endpoint. Then, you will examine a number of common customer use cases where
you will identify the root cause of the issue, and remediate the problem. Lab exercises provide students with the ability to practice what they have learned. To maximize the value of your learning experience, this course also includes access to RSA University’s virtual environment.
Anyone interested in an overview of troubleshooting RSA NetWitness Endpoint
1.5 hours course and 2 hour lab
Note: RSA University’s lab environment is provided for 10 hours of overall practice time over a 14-day period.
Accessing the Lab Environment
Lab exercises are performed in the RSA University virtual lab environment. The downloadable Lab Guide provides detailed instructions on access the environment.
For more information please view the document Access RSA University Virtual Labs –
available on the RSA University site: RSA University Content.
Students should have completed the following courses (or have equivalent knowledge) prior to taking this training:
Upon successful completion of this course, participants should be able to:
- Describe and list general troubleshooting methodology in an RSA NetWitness Endpoint environment
- Determine the overall health of an RSA NetWitness Endpoint environment
- Troubleshoot the most common RSA NetWitness Endpoint issues
- Use common tools to identify and/or remediate common RSA NetWitness Endpoint issues
- Identify symptoms of a non-functioning ECAT environment
- Resolve Agent issues
- Resolve Server issues
- Monitor connected machines in the ECAT UI
- Module 1 - General Troubleshooting Methodology
- General Methodology
- Incorporation of Process in RSA NetWitness Endpoint Environment
- Module 2 - Troubleshooting Basics in an RSA NetWitness Endpoint Environment
- ECAT Components
- Standard Behaviors
- Module 3 - Troubleshooting the Flow of a Scan
- ConsoleServer Activity
- Component Issues
- Decision Tree/Process Flow
- Module 4 - Troubleshooting General Issues
- Files Path
- Broker Not Enabled
- Stored Procedure
- Module 5 - Additional Troubleshooting Resources
Exercise 1: Agent Machines are not Appearing in the
Exercise 2: Agent Machines are not Updating in the
Exercise 3: Agent Installation Issues