NW Cfg: Legacy Notifications Configuration Panel

Document created by RSA Information Design and Development on Sep 14, 2017. Last modified by RSA Information Design and Development on Oct 13, 2017.
Version 8

The Legacy Notifications Configuration panel provides the ability to configure syslog and SNMP notification settings. These configurations are used for Entitlement, legacy Event Source Management (ESM), Warehouse Connector monitoring, and Archiver monitoring.

Procedures related to these settings are described in Configure Syslog and SNMP Settings.

Workflow

Legacy Notifications Configuration workflow

What do you want to do?

                       
| Role | I want to ... | Show me how |
| --- | --- | --- |
| Administrator | Configure Syslog Settings | Configure Syslog and SNMP Settings |
| Administrator | Configure SNMP Settings | Configure Syslog and SNMP Settings |

Quick Look


Legacy Notifications Configuration panel

                 
1. Displays the Legacy Notifications Configuration panel.
2. Allows the user to configure syslog notifications for Entitlement, legacy Event Source Management (ESM), Warehouse Connector monitoring, and Archiver monitoring.
3. Allows the user to configure SNMP notifications for Entitlement, legacy Event Source Management (ESM), Warehouse Connector monitoring, and Archiver monitoring.

Toolbar and Features

The Legacy Notifications Configuration Panel consists of two sections: Syslog Settings and SNMP Settings.

Syslog Settings

The following table describes the available options for configuring syslog notifications for Entitlement, legacy Event Source Management (ESM), Warehouse Connector monitoring, and Archiver monitoring.

                                                                   
| Feature | Description |
| --- | --- |
| Enable | Enables the syslog settings configured here. |
| Server Name | Specifies the host where the target syslog process is running. |
| Server port | Specifies the port where the target syslog process is listening. |
| Facility | Specifies the designated syslog facility to use for all outgoing messages. Possible values are KERN, USER, MAIL, DAEMON, AUTH, SYSLOG, LPR, NEWS, UUCP, CRON, AUTHPRIV, FTP, LOCAL1 through LOCAL7. |
| Encoding | Specifies the encoding to use for text in syslog messages, for example, UTF-8. |
| Format | Specifies the message format. Possible values are: Default, PCI DSS, or SEC. |
| Protocol | Specifies the communications protocol used when sending syslogs: UDP or TCP. By default, the UDP protocol is selected. |
| Max length | Specifies the maximum length in bytes of any syslog message. The default value is 2048. Messages that exceed the maximum length are truncated when the Truncate overly large syslog messages checkbox is selected. |
| Truncate overly large syslog messages | When checked, any messages exceeding the maximum length are truncated. |
| Include the local timestamp in syslog messages | When checked, NetWitness Suite includes the local timestamp in messages. |
| Include the local hostname in syslog messages | When checked, NetWitness Suite includes the local hostname in syslog messages. |
| Optionally use IDENT protocol | When checked, NetWitness Suite prepends the identity string to outgoing syslog alerts. |
| Identity string | This is an identity string to be prepended to each syslog alert. If the string is blank, no identity string is prepended to the outgoing syslog alerts. You can use this to identify the source of the alert. Users conventionally set it to the name of the program that sends the syslog message. |
| Apply | Applies the syslog configuration settings. |
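The following Python sketch is an added example, not RSA or NetWitness code. It shows how the settings in the table above shape an outgoing message, and can generate test input for the receiving syslog collector. The RFC 3164-style layout, the `": "` separator after the identity string, the settings key names, the severity value, and the hostname are assumptions.

```python
from datetime import datetime

# Standard syslog facility codes (RFC 3164) for the names the panel lists.
FACILITY = {"KERN": 0, "USER": 1, "MAIL": 2, "DAEMON": 3, "AUTH": 4, "SYSLOG": 5,
            "LPR": 6, "NEWS": 7, "UUCP": 8, "CRON": 9, "AUTHPRIV": 10, "FTP": 11,
            **{f"LOCAL{i}": 16 + i for i in range(1, 8)}}

# Constructed settings mirroring the panel fields; key names are hypothetical.
SAMPLE_SETTINGS = {
    "facility": "LOCAL4", "encoding": "UTF-8", "max_length": 2048,
    "truncate": True, "include_timestamp": True, "include_hostname": True,
    "use_ident": True, "identity": "NetWitness",
}

def truncate_bytes(data, max_len, encoding="UTF-8"):
    """Cut to max_len bytes without leaving a partial multi-byte character."""
    if len(data) <= max_len:
        return data
    # errors="ignore" drops the incomplete sequence left by the byte cut.
    return data[:max_len].decode(encoding, errors="ignore").encode(encoding)

def build_message(text, settings, severity=5, hostname="nw-host", now=None):
    """Return the wire bytes for one alert (RFC 3164-style layout, assumed)."""
    pri = FACILITY[settings["facility"]] * 8 + severity  # PRI = facility*8 + severity
    parts = []
    if settings["include_timestamp"]:
        now = now or datetime.now()
        parts.append(f"{now:%b} {now.day:2d} {now:%H:%M:%S}")
    if settings["include_hostname"]:
        parts.append(hostname)
    ident = settings.get("identity", "")
    # A blank identity string means nothing is prepended.
    parts.append(f"{ident}: {text}" if settings["use_ident"] and ident else text)
    data = (f"<{pri}>" + " ".join(parts)).encode(settings["encoding"])
    if settings["truncate"]:
        data = truncate_bytes(data, settings["max_length"], settings["encoding"])
    return data  # unchecked: left as built; the page does not say what happens

if __name__ == "__main__":
    print(build_message("Archiver monitoring: constructed test alert", SAMPLE_SETTINGS))
```

Because Max length counts bytes, a 2048-byte limit holds fewer characters when the text is non-ASCII. Confirm that the receiving collector accepts messages at least as large as the configured value.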

SNMP Settings

The following table describes the available options for configuring SNMP notifications for Entitlement, legacy Event Source Management (ESM), Warehouse Connector monitoring, and Archiver monitoring.

                                             
| Feature | Description |
| --- | --- |
| Enable | Enables the SNMP settings configured here. |
| Server Name | Specifies the SNMP trap host. |
| Server port | Specifies the listening port on the SNMP trap host. |
| SNMP version | Specifies the SNMP version, v1 or v2c. |
| Trap OID | Specifies the object ID for the SNMP trap on the trap host that receives the audit event. The default value is 0.0.0.0.0.1. |
| Community | Specifies the community string used to authenticate on the SNMP trap host. The default value is public. |
| Enable | Enables SNMP notifications as configured here. |
| Apply | Applies the SNMP configuration settings. |