This self-paced, on-demand lab provides an overview of how RSA NetWitness log collection is configured and performed for a variety of event source types such as Windows, File Reader, ODBC, Check Point Firewall, VMware, SDEE, SNMP and Netflow. It also provides steps to practice configuring syslog, Windows, ODBC and FileReader event sources.
Audience: Internal, CS, PS, SE, Partner, Customer
On-Demand Lab (self-paced eLearning with lab)
Duration Note: RSA University’s on-demand lab environment is provided for 10 hours of overall practice time over a 14-day period.
Accessing the Lab Environment: Lab exercises are performed in the RSA University virtual lab environment. The downloadable Lab Guide provides detailed instructions on accessing the environment. For more information, please view the document Access RSA University Virtual Labs – available on the RSA University site: RSA University Content
RSA NetWitness Logs and Packets Foundations training course or equivalent experience
Familiarity with networking fundamentals
Familiarity with Linux
Familiarity with MS Windows
Upon successful completion of this course, participants should be able to:
Describe how log data is created and processed by RSA NetWitness
Configure log collection for RSA supported event source types.
Lab exercises will be provided for the most common event source types which include:
Validate data capture
Set up event source monitoring
Troubleshoot Event Sources
Log Data Collection
Configuring Event Sources
Event Source monitoring