on Apr 28, 2017
In order to register for a class, you need to first create an EMC account
If you need further assistance, contact us
Overview
This on demand learning describes common use cases and troubleshooting techniques relating to ESA. Important ESA log and configuration files are discussed as well as troubleshooting ESA using esatool.
Audience
Anyone interested in using RSA NetWitness Platform.
Delivery Type
On-Demand Learning
Duration
60 minutes
Prerequisite Knowledge/Skills
Students should have completed the following courses (or have equivalent knowledge) prior to taking this training:
Learning Objectives
Upon successful completion of this course, participants should be able to:
- Describe ESA Workflow and architecture
- Describe MongoDB
- Troubleshooting using Mongo shell
- Troubleshoot ESA using the esatool
- Using the Health and Wellness module, discuss how ESA rules impact memory utilization
- Troubleshoot ESA using Explorer settings
- Troubleshoot ESA use cases
- List and evaluate log files associated with ESA troubleshooting
- Common Issues
- ESA service restarts
- Slow and/or unresponsive user interface
- Alerts delayed or no alerts
- Service and rule metrics
Course Outline
Troubleshooting ESA using Mongo Shell
- ESA Workflow
- ESA Architecture
- What is MongoDB
- Displaying alerts in the Mongo shell
Troubleshooting ESA using esatool
- Esatool precheck
- Esatool Health Check
- Esatool main menu
Using NetWitness to Troubleshoot ESA
- Disabled alerts
- Health and Wellness Stats browser
- MongoDB Maintenance
- Memory Threshold for trial rules
Common Troubleshooting Use Cases
- Important ESA files
- Common issues
- ESA service restarts
- Metrics
In order to register for a class, you need to first create an EMC account
If you need further assistance, contact us