2020-06-04 02:17 PM
Hello, my corporation owns a huge deployment of RSA NetWitness where we store logs and packets. I've been a user of the platform for several years, but now I've been asked to jump in and help with parsing and alerting duties. We do have a lab setup, but it's for staging and the engineers who support it don't want to "mess it up". Is there a solution to get a smaller environment going with either some VMs or Docker containers where I can practice configuration, ingestion, parsing, ESA and alerting on my own corporate asset or a smaller ESX environment?
2020-06-04 02:26 PM
Hi, Jason.
You should be able to build what you're looking for by using this blog post as a reference:
Best,
Fink