This website uses cookies. By clicking OK, you consent to the use of cookies. Click Here to learn more about how we use cookies.
OK
Register Now
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

RSA NetWitness® Platform Discussions

Discussions about the RSA NetWitness Platform.
DaveGlover
Contributor Contributor
Contributor
‎2016-05-02 11:16 AM

Helpful "How To" Videos

I have created a few "how to videos" that I hope you find helpful.  They are posted to YouTube and I have included the links below.

 

They are as follows:

 

Demo of the new ESI tool -->https://youtu.be/_FilrZc2qLc

How to Configure IIS Collection for Security Analytics --> IIS Device Configuration - YouTube

How to Configure Windows Collection via WinRm --> WINRM Windows Collection - YouTube

How to Configure Security Analytics to Collect Log files not currently Supported via SFTP --> FileSpec Creation - YouTube

 

ESI Beta 3 --> RSA ESI Beta 3 - YouTube 

 

RSA Netwitness UI Walkthrough  -->

 

   Part 1 --> RSA Netwitness UI Walkthrough Part 1 - YouTube 

   Part 2 --> RSA Netwitness UI Walk through Part 2 - YouTube 

 

Lua Parser Overview --> RSA Netwitness LUA Parser Overview - YouTube 

 

Creating Parsers when No Message ID Exists in the Log --> Parser Development When No Message ID Exists - YouTube 

 

Building and Scheduling Reports in Netwitness --> Building and Scheduling Reports in NetWitness - YouTube 

 

Creating and Using Feeds and App Rules --> Using Application Rules and Feeds in NetWitness - YouTube 

 

Correlation Rule Example --> YouTube 

 

Creating Dashboards --> Dashboard Creation - YouTube 

 

DNS Xfil Example --> https://www.youtube.com/watch?v=3x4rnmlrHww&t=7s

Reply
16 Replies
SoumyajitDhara
Beginner
Beginner
‎2016-06-07 04:02 AM

Hi Dave, can we expect a video for SDEE Collection methods along with Troubleshooting methods.

0 Likes
Reply
AndrewThompson2
Beginner
Beginner
‎2016-06-09 07:25 AM

Hi Dave.

 

Really liked the video on the new ESI tool. Do you have any idea when there will be any updates to it as the current 'beta' version does tend to crash a bit. We were told at a recent user group that RSA were using an agile development approach for this particular tool and were to expect regular updates so would be good to hear one way or the other.

 

Thanks.

Reply
NathanChurch1
Beginner
Beginner
‎2016-06-09 05:11 PM

Great job, Dave Glover, on this video showing how the new tool works and walking through the examples. Always appreciate the great content!

Reply
MichaelDickerso
Employee
Employee
‎2016-09-14 11:07 PM

Very nice.

Reply
LeonardC
Contributor Contributor
Contributor
‎2016-09-15 02:24 PM

Great stuff, Thanks Dave.

Reply
SalSanshez
Employee
Employee
‎2016-09-25 12:24 AM

Great job as usual wRAlmdLu8uOnkbiouAPmB5mqnlFr6baANOTo7eT0Oa4=

0 Likes
Reply
ClintMarsden1
Beginner
Beginner
‎2017-01-24 11:59 PM

Hi Dave,

Is there any possibility of receiving the scripts used in the WinRM video?

 

Thanks,

Clint

0 Likes
Reply
JoeGumke
Beginner
Beginner
‎2017-08-10 08:57 AM

thanks for videos dave.

Any chance you or someone from RSA could publish detailed documentation/how to's on how to leverage the upcoming plugin framework and/or lua development for logs and packets? Specifically would like to learn how to learn how to leverage the plugin framework to normalize XML/JSON log structures

0 Likes
Reply
KevinCole
Beginner
Beginner
‎2017-10-25 10:34 AM

Are there any detailed examples of how to create a custom parser for event sources that do not supply a message ID in the header? I see some brief references, but am still looking for a good tutorial to handle the types of events I'm seeing.

0 Likes
Reply
© 2020 RSA Security LLC or its affiliates.
All rights reserved.