As a new guy for RSA NetWitness, I would appreciate few minutes of your time spent to reply if you know the answer.
I have few SQL servers with a single service account (let's call it sql_acct) that must be used for all SQL servers instances. This account must be logged into only from the SQL servers, not from the workstations. How do I build the Alert logic that would alert me if the SQL server was managed from any workstation? #Alert Logic