on Jul 17, 2017
In order to register for a class, you need to first create an EMC account
If you need further assistance, contact us
Summary
This On-Demand Lab covers RSA NetWitness Logs & Network performance tuning and optimization topics, including query optimization, device and database tuning, group aggregation and monitoring performance.
Overview
This On-Demand Lab covers RSA NetWitness Logs & Network performance tuning and optimization topics, allowing analysts to improve performance through query optimization and efficient rule syntax. Students will also gain administrative skills to optimize performance through proper device configuration, database tuning, creating groups for aggregation and monitoring Health and Wellness alerts.
Audience
Customers, PS, Partners, CS, SE
Delivery Type
On-Demand Lab (self-paced eLearning with lab)
Duration
4 hours
Note: RSA University’s lab environment is provided for 10 hours of overall practice time over a 14-day period.
Accessing the Lab Environment
Lab exercises are performed in the RSA University virtual lab environment. The downloadable Lab Guide provides detailed instructions on access the environment. For more information please view the document Access RSA University Virtual Labs – available on the RSA University site: RSA University Content.
Prerequisite Knowledge/Skills
Students should have completed the following courses (or have equivalent knowledge) prior to taking this training:
- RSA NetWitness Logs & Network Foundations
- RSA NetWitness Logs & Network Core Administration or equivalent experience
Learning Objectives
Upon successful completion of this course, participants should be able to:
- Improve query efficiency
- Configure devices for optimal performance
- Optimize performance of the RSA NetWitness Database
- Perform Group Aggregation of Devices
- Monitor system performance using the Health and Wellness module
Course Outline
Optimizing Queries
- Query architecture and processing
- Query settings
- Query operators
- Indexing
- Managing meta keys
Tuning Devices
- Optimizing Live resources
- Optimizing the Decoders
- Optimizing the Concentrators
- Optimizing the Broker
- Optimizing the Reporting Engine
- Optimizing the Log Collector
- Optimizing the Archiver
- Configuring database rolloff
- Configuring index rolloff
Optimizing the Datastore
- Database functions and locations
- Optimizing index slices
- Optimizing index values
- Using NWConsole for database tuning
Group Aggregation
- Creating a group aggregation plan
- Setting up group aggregation
Monitoring Performance
- Health and Wellness alarms
- Health and Wellness policies
- Health and Wellness statistics
In order to register for a class, you need to first create an EMC account
If you need further assistance, contact us