This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Register Now
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
NetWitness Education Courses
No ratings

RSA NetWitness Logs & Network Integration with RSA NetWitness Endpoint

CraigHansen1
Beginner
Beginner

on ‎2016-07-14 10:02 AM

Access Training

In order to register for a class, you need to first create an EMC account

If you need further assistance, contact us

 

Summary

This on-demand learning covers how to configure integration between RSA NetWitness Logs & Network and RSA NetWitness Endpoint.

 

Overview

This on-demand learning describes how to integrate RSA NetWitness Logs & Network and RSA NetWitness Endpoint to perform investigations using both tools. It covers various forms of integration including syslog, Live feeds, recurring feed and Incident Management (message bus).

 

Audience

NetWitness Endpoint Administrators

NetWitness Logs & Network Administrators

 

Delivery Type

On-Demand Learning

 

Duration

1 hour

 

Prerequisite Knowledge/Skills

RSA NetWitness Endpoint Foundations (I day ILT)  or RSA NetWitness Endpoint Fundamentals (On-Demand Learning) or equivalent experience

 

Learning Objectives

Upon successful completion of this course, participants should be able to:

  • Identify integration requirements
  • Describe the types of integration
  • Configure NetWitness Endpoint for syslog to the Log Decoder
  • Configure NetWitness Endpoint alerts via the message bus
  • Configure contextual data from NetWitness Endpoint via recurring feed
  • Configure NetWitness Endpoint to receive Live feeds
  • Analyze data using NetWitness Logs & Network and NetWitness Endpoint

 

Course Outline

  • Integration Overview
    • Integration methods
    • Integration requirements
  • Syslog Integration
    • Configuration prerequisites
    • Configuration steps
    • Configuration results
    • Syslog integration demonstration
  • Incident Management Integration
    • Configuration prerequisites
    • Configuration steps
    • Configuration results
  • Feed Integration
    • Configuration prerequisites
    • Configuration steps
    • Configuration results
    • Feed integration demonstration
  • Live Feed Integration
    • Configuration prerequisites
    • Configuration steps
    • Configuration results
    • Live Feed integration demonstration
  • Analyzing data
    • Drilling into NetWitness Logs & Network from Endpoint
    • Drilling into Endpoint from NetWitness Logs & Network
    • Context Hub
    • Endpoint IOC Lookup
    • Endpoint ESA integration
    • Endpoint reporting integration

 

 

 

 

 

Access Training

In order to register for a class, you need to first create an EMC account

If you need further assistance, contact us

Was this article helpful? Yes No
Version history
Last update:
‎2016-07-14 10:02 AM
Updated by:
Beginner
Contributors
© 2022 RSA Security LLC or its affiliates. All rights reserved.