Log Collection: Configure Collection Protocols and Event Sources

Document created by RSA Information Design and Development on Sep 11, 2017Last modified by RSA Information Design and Development on Oct 12, 2017
Version 7Show Document
  • View in full screen mode
  

This topic tells you how to configure collection protocols and the event sources using those protocols.

You configure the Log Collector to collect event data from your event sources in the Event Sources tab of the Log Collection parameter view.

To configure a collection protocol:

  1. Go to ADMIN> Services from the NetWitness Suite menu.
  2. Select a Log Collection service.
  3. Under Actions, select > View > Config to display the Log Collection configuration parameter tabs.
  4. Click the Event Sources tab.

    Event Sources tab is displayed.

  1. Select a collection protocol (for example, File) and select Config.
  2. Click and select an event source.
  3. Select the newly added category and click .
  4. Specify the parameters for the event source. For details, see the individual collection protocol topics.

The following guides provide detailed instructions on how to configure the collection protocols and their associated event sources in NetWitness Suite.  Each guide includes an index to configuration instructions for the event sources supported for that collection protocol.

To configure individual collection protocols, see the following topics:

 

 
You are here
Table of Contents > Collection Protocols

Attachments

    Outcomes