This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Register Now
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
NetWitness Discussions

Where can I find information about importing IP watchlists into NW

PaulBagnell
Contributor
Contributor

‎2020-01-09 04:14 PM

I have a list of IOC IPs and want to stand up a rule and alert.  Does anyone know where I can find information on this process?  I'm a VERY green n00b who starts training next month.

 

Thanks

0 Likes
1 REPLY 1

AlejandroNegron
Beginner
Beginner

‎2020-01-09 04:22 PM

Hi Paul,

 

There are different ways to handle this, I suggest you to take a look at the following links 

 

Alerting: Configure Context Hub List as an Enrichment Source

Context Hub: Configure Lists as a Data Source

Live: Manage Custom Feeds 

 

I hope this helps.

 

Alejandro

0 Likes
© 2022 RSA Security LLC or its affiliates. All rights reserved.