This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Register Now
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
NetWitness Discussions

ObserveIT_RSA Security Analytics

Go to solution
Anonymous
Not applicable

‎2013-12-27 02:27 AM

Hi All,

last week I got a document which addresses ObserveIT logs collection is possible in RSA security Analytics environment, is it correct?

Because there is no official announcement from RSA.

0 Likes
1 ACCEPTED SOLUTION

Accepted Solutions

Go to solution
Anonymous
Not applicable

‎2013-12-27 09:22 AM

Agree with Chris above, but I'll go ahead and answer the question.

 

The link I provided last week should have had two files associated with the post (on the left side of the page).

 

https://community.emc.com/docs/DOC-31072

 

ObserveIT_5.5_SA10.2.pdf -- this Implementation Guide how to configure the product to send syslog to SA.

 

observeitpe.zip -- which is the SA integration package deployed on your log decoder.

 

Also, if you want to find all the RSA partner created content, search for "partner_created_content" (without the quotes) in the RSA Security Analytics EMC group.  There should be approximately 23  integrations so far.

 

- John

View solution in original post

0 Likes
2 REPLIES 2

Go to solution
RSAAdmin
Beginner
Beginner

‎2013-12-27 02:48 AM

Please consider moving this question as-is (no need to recreate) to the proper forum for maximum visibility.  Questions written to the users' own "Discussions" space don't get the same amount of attention and can go unanswered for a long time.

 

You can do so by selecting "Move" under ACTIONS along the upper-right.  Then search for and select: "RSA Security Analytics".

0 Likes

Go to solution
Anonymous
Not applicable

‎2013-12-27 09:22 AM

Agree with Chris above, but I'll go ahead and answer the question.

 

The link I provided last week should have had two files associated with the post (on the left side of the page).

 

https://community.emc.com/docs/DOC-31072

 

ObserveIT_5.5_SA10.2.pdf -- this Implementation Guide how to configure the product to send syslog to SA.

 

observeitpe.zip -- which is the SA integration package deployed on your log decoder.

 

Also, if you want to find all the RSA partner created content, search for "partner_created_content" (without the quotes) in the RSA Security Analytics EMC group.  There should be approximately 23  integrations so far.

 

- John

0 Likes
© 2022 RSA Security LLC or its affiliates. All rights reserved.