RSA NetWitness Logs Event Source Configuration

Document created by Connor Mccarthy Employee on Jun 22, 2018
Version 1

In order to register for a class, you need to first create an EMC account

If you need further assistance, contact us

 

 

Summary

This self-paced, on-demand lab provides an overview of how RSA NetWitness log collection is configured and performed for a variety of event source types such as Windows, File Reader, ODBC, Check Point Firewall, VMware, SDEE, SNMP and Netflow.

 

Overview

This self-paced, on-demand lab provides an overview of how RSA NetWitness log collection is configured and performed for a variety of event source types such as Windows, File Reader, ODBC, Check Point Firewall, VMware, SDEE, SNMP and Netflow. It also provides steps to practice configuring syslog, Windows, ODBC and FileReader event sources.

 

Audience
Internal, CS, PS, SE, Partner, Customer

 

Delivery Type
On-Demand Lab (self-paced eLearning with lab)


Duration
3 hours
Note: RSA University’s on-demand lab environment is provided for 10 hours of overall practice time over a 14-day period.


Accessing the Lab Environment
Lab exercises are performed in the RSA University virtual lab environment. The downloadable Lab Guide provides detailed instructions on accessing the environment. For more information, please view the document "Access RSA University Virtual Labs", available on the RSA University site: RSA University Content

 

Prerequisite Knowledge/Skills

  • RSA NetWitness Logs and Packets Foundations training course or equivalent experience
  • Familiarity with networking fundamentals
  • Familiarity with Linux
  • Familiarity with MS Windows

 

Learning Objectives

Upon successful completion of this course, participants should be able to:

  • Describe how log data is created and processed by RSA NetWitness
  • Configure log collection for RSA supported event source types. Lab exercises will be provided for the most common event source types, which include:
      • Syslog
      • Windows
      • File Reader
      • ODBC
  • Validate data capture
  • Set up event source monitoring
  • Troubleshoot Event Sources

 

Course Outline

Log Data Collection
Configuring Event Sources
Event Source monitoring

 

 

 

 
