000036234 - RSA Web Threat Detection Integration Guide

Document created by RSA Customer Support Employee on Apr 10, 2018
Version 1Show Document
  • View in full screen mode

Article Content

Article Number000036234
Applies ToRSA Product Set: RSA NetWitness Logs & Packets
RSA Product/Service Type: RSA NetWitness Suite Respond
RSA Version/Condition: 11.0
Platform: CentOS 7
IssueThe customer would like to integrate Web Threat Detection’s Incidents with the RSA NetWitness Suite Respond.
ResolutionPlease see the attached PDF for detailed instructions for the procedures to integrate Web Threat Detection with the RSA NetWitness Suite Respond. The following page numbers and sections from the attached PDF will provide the customer with the following contents:
Page NumberContents
7Overview and Architecture
9Installation and Configuration
20Viewing Web Threat Detection Incidents in RSA NetWitness Suite Incidents
24Logging and Monitoring
27Limitations and Troubleshooting


The customer should be sure to configure the following in order to integrate Web Threat Detection with RSA NetWitness Suite Respond:
  • Create rules in the Web Threat Detection to generate Incidents.
  • Configure RSA NetWitness Suite and access to the Rabbit MQ information associated with that Incident Server service.