ESM: Manage Tab

Document created by RSA Information Design and Development on Sep 6, 2017Last modified by RSA Information Design and Development on Oct 4, 2017
Version 8Show Document
  • View in full screen mode
  

The Manage tab organizes event sources into groups, and displays attributes for each event source.

To access this tab, go to ADMIN > Event Sources. The Manage tab is displayed by default.

Workflow

This workflow shows the overall process for configuring event sources.

What do you want to do?

                       
RoleI want to...Documentation
Administrator

Create an event source group.

Creating Event Source Groups

Administrator Edit or delete an event source group.

Managing Event Source Groups

Related Topics

Creating Event Source Groups

Managing Event Source Groups

Creating an Event Source and Editing Attributes

Quick Look

The Manage tab organizes event sources into groups, and displays attributes for each event source. The Manage tab consists of two panels, Groups and Event Sources.

Manage tab displays two panels: Groups and Event Sources.

Groups Panel

The Groups Panel lists the event source groups, as well as a count of the members for each group. To see all event sources, select All from the groups list. This is an example of the Groups panel.

Example of Groups panel.

                 
1

Displays the standard NetWitness Suite icons for adding, removing, or editing groups.

2

Lists the identifier for each group in the Name column. You can use the group names to quickly identify some of the criteria used to form the group.

For example, if you create a group that consists of Windows event sources for the Sales organization, you could name the group Windows Sales Sources.

Note: The event source group name is not editable. Once you create a group, that name exists as long as the group itself.

3

The count for an event source group indicates the number of event sources in that group. That is, the number of event sources that match the criteria used to define the group.

Note: The count is not dynamically updated when new event sources are added. Thus, you may need to refresh to see an updated group count.

Event Sources Panel

The Event Sources panel displays the attributes for the event sources in the selected group. Or, if All is selected in the Groups panel, the Event Sources panel lists all event sources.

Example of Event Sources panel.

                               
1

The toolbar contains the following tools:

  • Add: manually add an event source
  • Remove: remove an event source
  • Edit: Update attributes for an existing event source
  • Import / Export menu: Displays a menu with the following options:
    • Import: Import event sources from a  Content Management Database (CMDB), spreadsheet, or other tool.
    • Export: Export selected event sources and their attributes in CSV format.
    • Export Group: Export the entire group that is currently selected.
 
2Columnar display of attributes. You can choose which attributes to display.

 

3Actions: Shortcut menu for often-used commands: Edit, Delete, and Export. 
4Checkboxes: Select rows to use when performing tasks on multiple event sources, such as bulk editing.

 

5Navigation Tools:

At the bottom of the screen, there are items that help in navigating your group:

  • Page x of y: indicates which page you are currently displaying, and how many total pages exist for this group.
  • <<, <, > and >>: click these icons to move between pages either one at a time (< and >) or to the first (<<) or last (>>) page.
  • Page Size: use this selector to choose your page size.
  • Displaying x - y of z: quick check of which event sources are currently displayed out of the total number for the group.
 

Sorting

In the Event Sources panel, the list of items is presented in a sorted order. You can choose which column on which to sort. Note, however, that the sort order depends on capitalization. 

For any string column, if the values contains a mix of lower case and upper case, the upper case appear in the list before the lower case values.

For example, assume the Event Source Type column contains the following entries: Netflow, APACHE, netwitnessspectrum, ciscoasa. The sort order would be as follows:

  • APACHE
  • Netflow
  • ciscoasa
  • netwitnessspectrum
You are here
Table of Contents > References > ESM: Manage Tab

Attachments

    Outcomes