For NetWitness Platform 11.4.1, this view has been deprecated. To manage Event Sources, use the Admin > Event Sources view. For details, see "About Event Source Management" in the RSA NetWitness Platform Event Source Management Guide.
NetWitness Platform provides a way to monitor the statistics for various event sources in the User Interface. The information displayed is historical and comes from the Log Decoder. You can customize the view depending on the parameter you select to filter the data.
To access the Event Source Monitoring view:
Go to ADMIN > Health & Wellness.
The Health & Wellness view is displayed with the Alarms tab open.
Click Event Source Monitoring.
What do you want to do?
|Role||I want to ...||Show me how|
|Administrator||View the Events Collected from an Event Source||Historical Graph View for Events Collected from an Event Source|
- Monitor Event Sources
- Filter Event Sources
- View Historical Graph of Events Collected for an Event Source
The Event Source Monitoring view is displayed.
|1||Displays Event Source Monitoring tab.|
|2||Toolbar used to filter and customize the Event Source Monitoring tab.|
|3||Displays Event Source Stats panel.|
This table lists the various parameters you can use to filter and customize the event source monitoring view.
Type the name of an event source you want to monitor.
Select Regex to enable Regex filter. It performs a regular expression search against text and lists out the specified category. If Regex is not selected it supports globbing pattern matching.
Event Source Type
Select an event source type for the event source selected.
Select the Log Collector to display the data collected by the specified Log Collector.
Select a Log Decoder to display the data collected by the specified Log Decoder.
Select the time frame for which you want the stats.
Select the order in which the list needs to be filtered.
Select Ascending to filter it in an ascending order.
Click to apply the filters chosen and display the list accordingly.
Click to clear the chosen filters.
Export as CSV
Click to export the information as a csv file.
Event Source Stats View Display
|Event Source|| |
Displays the name of the event source.
|Event Source Type|| |
Displays the event source type.
|Log Collector|| |
Displays the Log Collector from where the events were initially captured.
|Log Decoder|| |
Displays the Log Decoder where the events are being processed.
Displays the number of events received by Log Decoder since last reset of count value.
|Idle Time|| |
Displays the time lapsed after the last stat collection.
|Last Collected Time|| |
Displays the time at which the Log Decoder last processed an event for the event source.