- Quickly search for and locate a specific service or type of service, such as Log Decoder or Warehouse Connector
- Use shortcuts to get to administration tasks
- Add, edit, and remove services
- Manage licensing and view the license status of a service (licensed or unlicensed)
- Sort Services by Name and Host
- Filter services by Type and by Name and Host
- Start, stop, and restart services
A service performs a unique function, such as collecting logs or archiving data. Each service runs on a dedicated port and is modeled as a plug-in to enable or disable, according to the function of the host. You must configure the following Core services first.
- Core Services
- Decoder (Packets)
- Log Decoder
- Other Services
- Cloud Gateway
- Context Hub
- Entity Behavior Analysis
- Event Stream Analysis
- Log Collector
- Malware Analysis
- Reporting Engine
- Warehouse Connector
- Services implemented when you deploy the NW Server
This workflow shows the procedures you complete to set up and maintain a service. Adding a service to a host is the first task in this workflow. The hosts with core services are set up out of the box. After that, you can set up additional services on hosts to enhance your NetWitness Suite deployment.
What do you want to do?
See Host GS: Hosts and Services Procedures for detailed instructions of the following tasks.
- Best Practices
- Troubleshoot Host Updates
The following example shows you how to maintain a service.
Select a Service.
Go to ADMIN > Services view.
Click the checkbox to the left of the service you want to select.
Edit the Service Name and Connection.
|3||Click (Alternatively, select Edit from the (Action drop-down menu).|
|4||Edit the Host name.|
|5||Edit the service Name.|
|6||Edit the Port number.|
|7||Deselect or select SSL communication connection.|
|8||Click Test Connection .|
Delete a Service.
|9||Select a Service and click the delete icon.|
View Service Statistics and Configure Parameters
|10||Perform the following steps to view service statistics and configure a service parameters.|
|10||Select a Service, click the actions icon, and click Stop a service that is running.|
|11||Select a Service, click the actions icon, and click Restart to restart a stopped service.|
See the following RSA NetWitness Suite guides for detailed information on individual services. Go to the Master Table of Contents for NetWitness Logs & Packets 11.x to find all NetWitness Suite 11.x documents.
Archiver Configuration Guide
Broker and Concentrator Configuration Guide
Cloud Behavioral Analytics Gateway Configuration Guide
Context Hub Configuration Guide
Decoder and Log Decoder Configuration Guide
Endpoint Insights Configuration Guide
Event Stream Analysis (ESA) Configuration Guide
Investigate and Malware Analysis User Guide
Log Collection Configuration Guide
Malware Analysis Configuration Guide
Reporting Engine User Guide
Respond Configuration Guide
Workbench Configuration Guide
Warehouse Connector Configuration Guide