|Applies To||RSA Product Set: NetWitness, Security Analytics|
RSA Product/Service Type: NextGen
|Issue||How to perform a data reset on an RSA NetWitness concentrator or broker appliance.|
A data reset may be necessary for any number of reasons including:
Follow these steps in RSA NetWitness Administrator to perform a data reset on a Concentrator or a Broker:
From version 220.127.116.11 on, you will be required to enter a confirmation code before being able to proceed with a data reset. This code will be displayed on the screen as soon as you issue the command.
This will cause the databases to be zeroed and the Concentrator or Broker service will be restarted automatically.
It will take some time for the index to rebuild but once complete you should have freshly aggregated/indexed data from your Decoder(s)/Concentrator(s) (assuming you have your Concentrator or Broker set to aggregate from one or more Decoders/Concentrators and have started aggregation either automatically or manually).
|Notes||If, for any reason, you are unable to do a data reset via RSA NetWitness Administrator, please contact RSA Customer Support and reference knowledge base article 000026957.|
|Legacy Article ID||a58713|