This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Register Now
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
NetWitness Discussions

RSA SA alerts pushed to RSA Orchestrator

AbuFaizal3
Beginner
Beginner

‎2018-05-24 08:40 AM

Hi Team,

 

i would like to achieve, without rules on ESA , alerts need to be pushed to orchestrator  

 

example:- all malicious url which is represented by SA , need automate to check URL reputation in rsa orchestrator 

 

Can anyone help please 

Labels:
0 Likes
1 REPLY 1

Anonymous
Not applicable

‎2018-05-24 03:09 PM

Hi Abu - 

There are a few ways you could accomplish this. 

 

1. Creating Incidents within Respond (v11.x) manually using either session or log data, and then configuring Orchestrator to pull all new Incidents. 

2. Use the Reporting Engine to generate the Incident instead of creating the Incident manually. 

 

Would either of those work for you? 

 

Are you trying to push things to Orchestrator manually or automatically? 

 

Thanks,

 

Corey

0 Likes
© 2022 RSA Security LLC or its affiliates. All rights reserved.