Hosts GS: Services

Document created by RSA Information Design and Development on Nov 7, 2017Last modified by RSA Information Design and Development on Sep 12, 2018
Version 13Show Document
  • View in full screen mode

You set up and maintain the NetWitness Platform services run in the Services view. With the Services view, you can:

  • Quickly search for and locate a specific service or type of service, such as Log Decoder or Warehouse Connector
  • Use shortcuts to get to administration tasks
  • Add, edit, and remove services
  • Sort services by name and host
  • Filter services by type and by name and host
  • Start, stop, and restart services

A service performs a unique function, such as collecting logs or archiving data. Each service runs on a dedicated port and is modeled as a plug-in to enable or disable, according to the function of the host. You must configure the following Core services first.

Non-SSL Port
SSL Port




Implemented with the NW Server



Broker5000356003Core Service

Cloud Gateway



Concentrator5000556005Core Service
Config N/AN/AImplemented with the NW Server.




Implemented with the NW Server

Context HubN/AN/A


Decoder (Packets)5000456004Core Service





Entity Behavior AnalysisN/AN/A 
Event Stream AnalysisN/A50030



N/AN/AImplemented with the NW Server.
InvestigateN/AN/AImplemented with the NW Server.
Log Collector5000156001 
Log Decoder5000256002

Core Service

Malware AnalysisN/A60007 
OrchestrationN/AN/AImplemented with the NW Server.
Reporting EngineN/A51113Implemented with the NW Server.


N/AN/AImplemented with the NW Server.


N/AN/AImplemented with the NW Server.




Implemented with the NW Server





Warehouse Connector5002056020



You must configure hosts and services to communicate with the network and each other so they can perform their functions such as storing or capturing data. 


This workflow shows the procedures you complete to set up and maintain a service. Adding a service to a host is the first task in this workflow. The hosts with core services are set up out-of-the-box. After that, you can set up additional services on hosts to enhance your NetWitness Platform deployment.

This is an example of a workflow for the Services view.

What do you want to do?

See Hosts and Services Procedures for detailed instructions of the following tasks.

RoleI want to ...
AdministratorMaintain a service.
Administrator Set up a host.

Related Topic

Quick Look

The following example shows you how to maintain a service.

Select a Service.


Go to ADMIN > Services view.


Click the checkbox to the left of the service you want to select.

Edit the Service Name and Connection.

 3  Click The edit icon (Alternatively, select Edit from the (Action drop-down menu).
 4  Edit the Host name.
 5  Edit the Port number.
 6  Deselect or select SSL communication connection.
 7  Click Test Connection .
8 Click Save.

Delete a Service.

 9  Select a Service and click the delete icon.

View Service Statistics and Configure Parameters

 10  Perform the following steps to view service statistics and configure a service parameters.
  1. Select a Service and click the actions icon.
  2. Click View and select:
    • System to:
      • View current high-level information about the service and its host.
      • Access the System View toolbar.
    • Stats to view detailed service statistics.
    • Config to view and configure service parameters.
    • Explore to view and configure service parameters in the NetWitness Platform Explore view.
    • Logs to view log messages issued by the service.
 11  Select a Service, click the actions icon, and click Stop a service that is running.
 12  Select a Service, click the actions icon, and click Restart to restart a stopped service.


See the following RSA NetWitness Platform guides for detailed information on individual services. Go to the Master Table of Contents to find all NetWitness Platform Logs & Network 11.x documents.

Archiver Configuration Guide

Broker and Concentrator Configuration Guide

Cloud Behavioral Analytics Gateway Configuration Guide

Context Hub Configuration Guide

Decoder and Log Decoder Configuration Guide

Endpoint Insights Configuration Guide

Event Stream Analysis (ESA) Configuration Guide

Investigate and Malware Analysis User Guide

Log Collection Configuration Guide

Malware Analysis Configuration Guide

Reporting Engine User Guide

Respond Configuration Guide

RSA NetWitness UEBA User Guide

Workbench Configuration Guide

Warehouse Connector Configuration Guide




Previous Topic:Groups Panel Toolbar
You are here
Table of Contents > References > Services View