RSA NetWitness Logs & Network Content Creation

Created by Catherine Robichaud Employee on Apr 24, 2019

Tuesday, June 11, 2019 at Bedford - RSA (174 Middlesex Turnpike)

Starts at 9:00 AM · Ends on Jun 12, 2019 at 5:00 PM, EST (America/New_York)

  • No one is attending this event yet.

This Live Instructor-Led course provides recommended methodologies for creating content to assist you in discovering, analyzing and resolving threats in RSA NetWitness Logs & Network. Students will benefit from both lecture and hands-on lab exercises using their own virtual environment to practice the techniques learned in class.



Customer, PS, CS, SE, Partners

Prerequisite Knowledge/Skills

Student should have completed or have comparable knowledge to what is provided in the following course: RSA NetWitness Logs & Network Foundations


Course Objectives

Upon successful completion of this course, participants should be able to:

  • Describe content types and identify how and when to use each content type
  • Optimize content for performance and functionality
  • Describe how index settings affect content 
  • Edit index settings to maximize results
  • Identify how to use Live content to address specific needs
  • Describe how to deploy and use the Hunting Pack
  • Describe methodologies for creating content
  • Create a taxonomy for rules and reports
  • Describe how to find and use malicious data in content creation
  • Create reports to verify efficacy of content
  • Use techniques and methodologies to automate threat detection
  • Validate results and refine your approach accordingly


Click HERE to register for this training event.

If you have any questions please click HERE.

Bedford - RSA (174 Middlesex Turnpike)