RSA Netwitness Logs & Packets Troubleshooting the Platform

Document created by Connor Mccarthy Employee on Nov 14, 2017Last modified by Connor Mccarthy Employee on Mar 30, 2018
Version 2Show Document
  • View in full screen mode

Register Now



In order to register for a class, you need to first create an EMC account

If you need further assistance, contact us



This on-demand learning presents a recommended approach to using RSA NetWitness Logs and Packets Event Stream Analysis to detect threats as well as an overview of ESA features and functions.



This FREE self-paced eLearning course will improve your understanding of troubleshooting the RSA Security Analytics platform found in 10.4 and above. Through a series of “just-show-me” video demonstrations, this course will address the most common platform issues and will provide you with the tools you need to better isolate issues.   The content is specific to Security Analytics version 10.4. However, there is a lot of commonality between versions and some of the things that you learn may be used to troubleshoot older or newer versions of Security Analytics. Please keep this in mind as you proceed because there may well be variances based on the version.  The course begins by discussing how to reduce Puppet issues and then spells out specific commands that you can use to validate when things are running correctly and narrow down issues with Puppet, MCollective, RabbitMQ, and Collectd. 



RSA Technical Support Engineers and Professional Services Consultants and partners


Delivery Type

On-Demand Learning



2.5 hours (eLearning)


Prerequisite Knowledge/Skills

Students should have completed the following courses (or have equivalent knowledge) prior to taking this training:

  • General Troubleshooting Methodology
  • RSA Security Analytics 10.4 for Analysts
  • General understanding of networking
  • Familiarity with Linux, Java, scripting, and computer hardware
  • Understanding of RSA’s implementation of the platform and detailed knowledge of its architecture
  • Familiarity with the open source technologies used by the platform
  • Knowledge of Python is helpful


Learning Objectives

Upon successful completion of this course, participants should be able to:

  • Describe Security Analytics platform troubleshooting strategies & basic-practices
  • Identify techniques to troubleshoot the most common Security Analytics platform issues
  • Describe specific commands used to troubleshooting the Security Analytics platform
  • Describe tools and approaches to reducing puppet issues


Course Outline

  • Introduction
  • Reducing Puppet Issues
  • Use Cases with Puppet, RabbitMQ, MCollective, and Collectd
  • Assessment
  • Course Evaluation




                                                                                                                                                                                                  Register Now


In order to register for a class, you need to first create an EMC account
If you need further assistance, contact us