Alerting: Settings Tab

Document created by RSA Information Design and Development Employee on Sep 12, 2017Last modified by RSA Information Design and Development Employee on Apr 23, 2020
Version 14Show Document
  • Comment0
  • View in full screen mode
 

This topic describes the components of the Configure > ESA Rules > Settings tab. In the Settings tab, you can perform the following tasks:

  • View a list of meta keys
  • Configure a data enrichment source
  • Add a connection to an external database (This option applies to NetWitness Platform version 11.2 and earlier.)

What do you want to do?

                                 
Role I want to ...Show me how
Content ExpertConfigure a connection to an external database. (This opton applies to NetWitness Platform version 11.2 and earlier.)See "Configure a Database Connection" in the NetWitness Platform 11.2 Alerting with ESA Correlation Rules User Guide.
Content ExpertConfigure a database as an enrichment source. (This option applies to NetWitness Platform version 11.2 and earlier.)See "Enrichment Sources" in the NetWitness Platform 11.2 Alerting with ESA Correlation Rules User Guide.

Content Expert

Configure an in-memory table as an enrichment source. (Recurring In-Memory Tables are no longer supported in version 11.3 and later.)

Configure an In-Memory Table as an Enrichment Source

Content ExpertConfigure a Context Hub list as an enrichment source.Configure a Context Hub List as an Enrichment Source

Related Topics

Quick Look

The following figure shows the Meta Key References section in the Settings tab.

ESA Rules Settings Tab showing Meta Key References

Meta Key References

The Meta Key References section lists each meta key and the type of value the key requires.

Enrichment Sources

In the Enrichment Sources section, you can configure the following external data sources:

  • GeoIP
  • External Database Reference (This option applies to NetWitness Platform version 11.2 and earlier.)
  • In-Memory Table ( Add hoc only - Recurring In-Memory Tables are no longer supported in version 11.3 and later.)
  • Warehouse Analytics (This option applies to NetWitness Platform version 11.2 and earlier.)
  • Context Hub

The following figure shows the Enrichment Sources section in the Settings tab.

ESA Rules Settings Tab showing Enrichment Sources

Database Connections

Note: This section applies to RSA NetWitness Platform Version 11.2 and earlier.

In the Database Connections section, you can configure a connection to an external database so ESA can access that data.

The following figure shows the Database Connections section in the Settings tab.
ESA Rules Settings Tab showing Database Connections

In the Database Connections section you can perform the following:

  • Add a Database Connection
  • Delete a Database Connection
  • Edit a Database Connection
  • Duplicate a Database Connection
  • Import a Database Connection
  • Export a Database Connection

Previous Topic:Services Tab
You are here
Table of Contents > ESA Alert References > Settings Tab

Attachments

    Outcomes

      Visibility: RSA NetWitness Platform Online Documentation391 Views
      Last modified on Apr 23, 2020 4:07 PM
      Ratings: