Host GS: Services View

Document created by RSA Information Design and Development on Nov 7, 2017Last modified by David O'Malley on Nov 10, 2017
Version 4Show Document
  • View in full screen mode

You set up and maintain the NetWitness Suite services run in the Services view. With the Services view, you can:

  • Quickly search for and locate a specific service or type of service, such as Log Decoder or Warehouse Connector
  • Use shortcuts to get to administration tasks
  • Add, edit, and remove services
  • Manage licensing and view the license status of a service (licensed or unlicensed)
  • Sort Services by Name and Host
  • Filter services by Type and by Name and Host
  • Start, stop, and restart services

A service performs a unique function, such as collecting logs or archiving data. Each service runs on a dedicated port and is modeled as a plug-in to enable or disable, according to the function of the host. You must configure the following Core services first: 

DecoderArchiverLog CollectorWorkbench
ConcentratorEvent Stream AnalysisMalware Analysis
BrokerContext HubReporting Engine 
Log DecoderIncident ManagementWarehouse Connector 

You must configure hosts and services to communicate with the network and each other so they can perform their functions such as storing or capturing data. 


This workflow shows the procedures you complete to set up and maintain a service. Adding a service to a host is the first task in this workflow. The hosts with core services are set up out of the box. After that, you can set up additional services on hosts to enhance your NetWitness Suite deployment.

This is an example of a workflow for the Services view.

What do you want to do?

See Hosts and Services Procedures for detailed instructions of the following tasks.

RoleI want to ...
AdministratorMaintain a service.
AdministratorSet up a host.

Related Topics

  • Best Practices
  • Troubleshoot Host Updates

Quick Look

The following example shows you how to maintain a service.

Select a Service.


Go to ADMIN > Services view.


Click the checkbox to the left of the service you want to select.

Edit the Service Name and Connection.

 3 Click The edit icon (Alternatively, select Edit from the (Action drop-down menu).
 4 Edit the Host name.
 5 Edit the service Name.
 6 Edit the Port number.
 7 Deselect or select SSL communication connection.
8 Click Test Connection .

Delete a Service.

 9 Select a Service and click the delete icon.

View Service Statistics and Configure Parameters

 10 Perform the following steps to view service statistics and configure a service parameters.
  1. Select a Service and click the actions icon.
  2. Click View and select:
    • System to:
      • View current high-level information about the service and its host.
      • Access the System View toolbar.
    • Stats to view detailed service statistics.
    • Config to view and configure service parameters.
    • Explore to view and configure service parameters in the NetWitness Suite Explore view.
    • Logs to view log messages issued by the service.
 10 Select a Service, click the actions icon, and click Stop a service that is running.
 11 Select a Service, click the actions icon, and click Restart to restart a stopped service.


Admin Server

Archiver Service

Broker Service

Concentrator Service

Decoder Service

Event Stream Analysis Service

ESA: Context Hub Service


Log Collector Service

Log Decoder Service

Malware Analysis Service

Reporting Engine Service

Respond Server

Warehouse Connector

Workbench Service


Previous Topic:Groups Panel Toolbar
You are here

Table of Contents > Host GS: References > Services View