Skip navigation
All Places > Products > RSA NetWitness Platform > RSA NetWitness Platform Online Documentation > Documents
Log in to create and rate content, and to follow, bookmark, and share content with other members.

Endpoint Config: Integrate NetWitness Endpoint or Later with NetWitness Platform

Document created by RSA Information Design and Development Employee on Mar 19, 2018Last modified by RSA Information Design and Development Employee on Nov 2, 2020
Version 26Show Document
  • View in full screen mode

You can configure the Endpoint Metadata for the NetWitness Endpoint by integrating the Meta Integrator service in the NetWitness Endpoint directly to a Log Decoder. You can view the Endpoint metadata in the Investigate > Navigate and Events views. This integration includes the following steps:

Enable Metadata Forwarding

To enable the Metadata Integrator service for the selected NetWitness Endpoint agents, run the following command:

ConsoleServer.exe /nw-investigate enable

Enable Machines to Forward Metadata

After you enable the Metadata Forwarding using any one of the above options, perform the following to enable the machines to forward metadata to the Log Decoder.

  1. Open the NetWitness Endpoint user interface.
  2. Click Machines from the left panel. The list of available machines are displayed.

    List of available machines

  3. Select machines for which you want to forward metadata to the NetWitness Endpoint Server.
  4. Right-click and select the NetWitness Investigate option.

    The Change NetWitness Investigate Status dialog is displayed.

    Investigate status window

  5. Select the Enable NetWitness Investigate option.
  6. Click Apply.
  7. To verify if the Enable NetWitness Investigate option is enabled, repeat step 4.

You are here
Table of Contents > Integrate NetWitness Endpoint or Later with NetWitness Endpoint 11.3