LogRhythm - RSA NetWitness Suite Integration Guide

Document created by Michael Dickerson Employee on Jun 28, 2017Last modified by Michael Dickerson Employee on Jul 7, 2017
Version 2Show Document
  • View in full screen mode

The 'NetWitness-LogRhythm' integration guide contains references on how to enable basic right-click functionality to pivot from LogRhythm to Netwitness via the Critical Start Plugin, how to forward Audit Logs, & ESA Alerts to LogRhythm. Future versions of this guide will include how to configure LogRhythm to automatically initiate a Netwitness query when a LogRhythm 'Alarm' is generated, generate a Netwitness Investigation URL/Link from that query, and populate the URL/Link directly into the LogRhythm Alarm via a LogRhythm PowerShell plugin.



3 people found this helpful