Hosts GS: The Basics

Document created by RSA Information Design and Development on Jul 27, 2016Last modified by RSA Information Design and Development on Jul 27, 2016
Version 2Show Document
  • View in full screen mode

This topic introduces hosts and services and their respective purposes in the Security Analytics network.

A host is the machine on which a service runs. Also referred to as an appliance, a host can be a physical or virtual machine.

Hosts and services must be configured to communicate with the network and each other. Then, they can perform their respective functions such as storing or capturing data. 

A service performs a unique function, such as collecting logs or archiving data. Each service runs on a dedicated port and is modeled as a plugin to enable or disable, according to the function of the host. Core services that must be configured first are:

  • Decoder
  • Concentrator
  • Broker
  • Log Decoder

Each service is listed below and has its own guide in Host and Services Configuration Guides.

  • Archiver
  • Broker
  • Concentrator
  • Decoder
  • Event Stream Analysis
  • Incident Management
  • IPDB Extractor
  • Log Collector
  • Log Decoder
  • Malware Analysis
  • Reporting Engine
  • Warehouse Connector
  • Workbench
You are here: The Basics