This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Register Now
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
NetWitness Education Courses
No ratings

RSA NetWitness Logs & Network Event Sources

CraigHansen1
Beginner
Beginner

on ‎2016-02-04 07:52 AM

In order to register for a class, you need to first create an EMC account

If you need further assistance, contact us

 

Summary

This on-demand learning focuses on how to configure RSA NetWitness log collection for a variety of event sources.

 

Overview

This self-paced on-demand learning provides an overview of how RSA NetWitness Logs & Network log collection is configured and performed for a variety of event source types such as Windows, File Reader, ODBC, Check Point Firewall, VMware, SDEE, SNMP and Netflow.

 

Audience

RSA NetWitness Logs & Network administrators

 

Delivery Type

On-Demand Learning

 

Duration

2 hours

 

Prerequisite Knowledge/Skills

Students should be familiar with basic computer architecture, data networking fundamentals and general information security concepts. A background in Enterprise networking and data communications is required.

 

Students should also have completed or otherwise have the skills acquired from the following course(s):

 

 

Learning Objectives

Upon successful completion of this course, participants should be able to:

  • Configure capture for log data
  • Configure log collection for the following event source types
    • Windows
    • File Reader
    • ODBC
    • Check Point Firewall
    • VMware
    • SDEE
    • SNMP
    • Netflow
  • Validate data capture
  • Create event source groups
  • Monitor event sources
  • Perform basic troubleshooting for event source collection

 

Course Outline

  1. Log Collection Overview
    • Log collector service
    • Local and remote log collectors
    • Log collection failover
    • Starting/stopping log collection
    • Configuring event sources
    • Connecting a syslog event source
  2. Configuring Log Collection for Windows
    • Configuring the Windows event source
    • Starting collection
    • Troubleshooting the Windows event source
  3. Configuring Log Collection for File Reader
    • Configuring the event source
    • Troubleshooting the File Reader event source
  4. Configuring Log Collection for ODBC
    • Configuring the event source
    • Troubleshooting the ODBC event source
  5. Configuring Log Collection for Check Point Firewall
    • Configuring the event source
    • Troubleshooting the Check Point event source
  1. Configuring Log Collection for VMware
    • Configuring the event source
    • Starting collection
    • Troubleshooting the event source
  2. Configuring Log Collection for SDEE
    • Configuring the event source
    • Starting collection
    • Troubleshooting the event source
  3. Configuring Log Collection for SNMP
    • Configuring the event source
  4. Configuring Log Collection for Netflow
    • Configuring the event source
  5. General Log Collection Troubleshooting
    • Setting debug mode
    • Debug messages
    • Checking the event source queue
    • Troubleshooting checklist
    • Checking the services
  6. Event Source Grouping and Monitoring
    • Event source groups
    • Event source group attributes
    • Event source monitoring
    • Event source alerting

In order to register for a class, you need to first create an EMC account

If you need further assistance, contact us

Was this article helpful? Yes No
0 Likes
Version history
Last update:
‎2016-02-04 07:52 AM
Updated by:
Beginner
Contributors
© 2022 RSA Security LLC or its affiliates. All rights reserved.