This Instructor Led Training (ILT) course provides a foundational overview of the core components of RSA NetWitness Logs & Network. Students gain insight into the core concepts, uses, functions and features of RSA NetWitness Logs & Network and also gain practical experience by performing a series of hands-on labs.
Students should be familiar with basic computer architecture, networking fundamentals and general information security concepts. Basic knowledge of the TCP/IP protocol stack is beneficial.
Upon successful completion of this course, participants should be able to:
- Describe the NetWitness Logs & Network architecture, components and their functions
- Describe how metadata is created
- Differentiate between meta keys, meta values, and meta data
- Investigate data using simple and complex queries
- Customize the investigation display
- Filter data using rules
- Create new meta values using Application and Correlation rules and RSA Live content
- Create alerts using ESA and reporting rules to track potential threats
- Create and manage incidents
Click HERE to register for this training event.
If you have any questions please click HERE.