This On-Demand foundations course focuses on the core features and functions of the RSA NetWitness Logs & Network product for Administrators and Analysts.
This recorded training course provides a foundational overview of the core components of RSA NetWitness Logs & Network. Students gain insight into the core concepts, uses, functions and features of RSA NetWitness Logs & Network and also gain practical experience by performing a series of hands-on labs.
Anyone new to RSA NetWitness Platform.
Students should be familiar with basic computer architecture, networking fundamentals and general information security concepts. Basic knowledge of the TCP/IP protocol stack is beneficial.
Upon successful completion of this course, participants should be able to:
Describe the RSA NetWitness Logs & Network architecture, components and functions
Describe how metadata is created
Differentiate between meta keys, meta values, and metadata
Investigate data using simple and complex queries
Customize the investigation display
Filter data using rules
Create new meta values using Application and Correlation rules and RSA Live content
Create alerts using ESA and reporting rules to track potential threats