This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Register Now
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
NetWitness Discussions

Endpoint Log Hybrid - Only for Endpoint Agent Data?

Go to solution
Anonymous
Not applicable

‎2020-08-21 09:44 AM

Should an Endpoint Log Hybrid server just be used for Endpoint Agent Data as best practice? Or can it also be used for other log sources?

 

Our Endpoint Log Hybrid collects agent data from Endpoints, Logs forwarded (ie. event logs), ODBC, Firewalls sending via Syslog, VPN Concentrator and others. Should the ELH just collect the Endpoint Agent data and then another Log Decoder/Concentrator be used for everything else?

Labels:
0 Likes
1 ACCEPTED SOLUTION

Accepted Solutions

Go to solution
DaveGlover
Trusted Contributor Trusted Contributor
Trusted Contributor

‎2020-08-21 09:55 AM

The Endpoint Log Hybrid can be used for any and all log collections.  You just need to make sure your EPS and data volumes are within reason for an EndPoint Log Hybrid 

View solution in original post

0 Likes
2 REPLIES 2

Go to solution
DaveGlover
Trusted Contributor Trusted Contributor
Trusted Contributor

‎2020-08-21 09:55 AM

The Endpoint Log Hybrid can be used for any and all log collections.  You just need to make sure your EPS and data volumes are within reason for an EndPoint Log Hybrid 

0 Likes

Go to solution
Anonymous
Not applicable
In response to DaveGlover

‎2020-08-23 03:04 AM

Thanks Dave, I thought that was the case but was seeing documentation with diagrams that seems to suggest otherwise.

0 Likes
© 2022 RSA Security LLC or its affiliates. All rights reserved.