Hosts GS: Services

Document created by RSA Information Design and Development on Nov 7, 2017Last modified by RSA Information Design and Development on Jul 9, 2019
Version 16Show Document
  • View in full screen mode
 

You set up and maintain the NetWitness Platform services run in the Services view. With the Services view, you can:

  • Quickly search for and locate a specific service or type of service, such as Log Decoder or Warehouse Connector
  • Use shortcuts to get to administration tasks
  • Add, edit, and remove services
  • Sort services by name and host
  • Filter services by type and by name and host
  • Start, stop, and restart services

A service performs a unique function, such as collecting logs or archiving data. Each service runs on a dedicated port and is modeled as a plug-in to enable or disable, according to the function of the host. You must configure the following Core services first.

                                                                                                                                        
CategoryServicesUnencrypted
Non-SSL Port
Encrypted
SSL Port
Notes

Admin Server

Admin
Config
Content
Integration
Investigate
License
Orchestration
Reporting Engine
Respond
Security

N/A
N/A
N/A
N/A
N/A
N/A
N/A
51113
N/A
N/A

N/A
N/A
N/A
N/A
N/A
N/A
N/A
N/A
N/A
N/A

Implemented with the NW Server
Implemented with the NW Server
Implemented with the NW Server
Implemented with the NW Server
Implemented with the NW Server
Implemented with the NW Server
Implemented with the NW Server

Implemented with the NW Server
Implemented with the NW Server

Archiver Archiver
Workbench
50008
50007
56008
56007

 

 

Broker

Broker

5000356003Core Service

Cloud Gateway

Cloud Gateway

N/AN/A

 

Concentrator

Concentrator

5000556005Core Service

Endpoint Broker

Endpoint Broker

N/A

N/A

 

Endpoint Log HybridLog Collector
Log Decoder
Endpoint Server
Concentrator
50001
50002
N/A
50005
56001
56002
N/A
56005
 
ESA PrimaryEntity Behavior Analytics
Contexthub
ESA Correlation
N/A
N/A
N/A
N/A
N/A
50030
 
ESA SecondaryEntity Behavior Analytics
ESA Correlation
N/A
N/A
N/A
N/A
 
Log Collector

Log Collector

5000156001 

Log Decoder

Log Collector
Log Decoder

50001
50002

56001
56002

 

Log HybridLog Collector
Log Decoder
Concentrator

50001
50002
50005

56001
56002
56005

 

Malware Analysis

Malware Analysis
Broker

N/A

60007

 

Network DecoderDecoder5000456004 

Network Hybrid

Concentrator
Decoder

50005

56005

 

UEBA

UEBA

N/A

N/A

 

Warehouse Connector

Warehouse Connector

5002056020

Command line installation

You must configure hosts and services to communicate with the network and each other so they can perform their functions such as storing or capturing data. 

Workflow

This workflow shows the procedures you complete to set up and maintain a service. Adding a service to a host is the first task in this workflow. The hosts with core services are set up out-of-the-box. After that, you can set up additional services on hosts to enhance your NetWitness Platform deployment.

This is an example of a workflow for the Services view.

What do you want to do?

See Hosts and Services Procedures for detailed instructions of the following tasks.

                   
RoleI want to ...
AdministratorMaintain a service.
Administrator Set up a host.

Related Topic

Quick Look

The following example shows you how to maintain a service.

Select a Service.

             
 1 

Go to ADMIN > Services view.

 2 

Click the checkbox to the left of the service you want to select.

Edit the Service Name and Connection.

                             
 3  Click The edit icon (Alternatively, select Edit from the (Action drop-down menu).
 4  Edit the Host name.
 5  Edit the Port number.
 6  Deselect or select SSL communication connection.
 7  Click Test Connection .
8 Click Save.

Delete a Service.

         
 9  Select a Service and click the delete icon.

View Service Statistics and Configure Parameters

                 
 10  Perform the following steps to view service statistics and configure a service parameters.
  1. Select a Service and click the actions icon.
  2. Click View and select:
    • System to:
      • View current high-level information about the service and its host.
      • Access the System View toolbar.
    • Stats to view detailed service statistics.
    • Config to view and configure service parameters.
    • Explore to view and configure service parameters in the NetWitness Platform Explore view.
    • Logs to view log messages issued by the service.
 11  Select a Service, click the actions icon, and click Stop a service that is running.
 12  Select a Service, click the actions icon, and click Restart to restart a stopped service.

Topics

See the following RSA NetWitness Platform guides for detailed information on individual services. Go to the Master Table of Contents to find all NetWitness Platform Logs & Network 11.x documents.

Archiver Configuration Guide

Broker and Concentrator Configuration Guide

Cloud Behavioral Analytics Gateway Configuration Guide

Context Hub Configuration Guide

Decoder and Log Decoder Configuration Guide

Endpoint Insights Configuration Guide

Event Stream Analysis (ESA) Configuration Guide

Investigate and Malware Analysis User Guide

Log Collection Configuration Guide

Malware Analysis Configuration Guide

Reporting Engine User Guide

Respond Configuration Guide

RSA NetWitness UEBA User Guide

Workbench Configuration Guide

Warehouse Connector Configuration Guide

 

 

 

Previous Topic:Groups Panel Toolbar
You are here
Table of Contents > References > Services View

Attachments

    Outcomes