Sean Koniarz

WEC Centralized Collection

Discussion created by Sean Koniarz on Jan 3, 2017
Latest reply on Jan 3, 2017 by Naushad Kasu

Has anyone had experience trying to centralize windows collection prior to getting to netwitness?

 

Example would be, very remote site that we don't want to open the firewall very wide so we would like to send the events to a central system and then just open the firewalls to that one system for netwitness to collect the logs off of.  

 

Not really sure how it would work but we are curious if anyone has tried this. 

Outcomes