This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject

NetWitness Community

  • Home
  • Products
    • NetWitness Platform
      • Advisories
      • Documentation
        • Platform Documentation
        • Known Issues
        • Security Fixes
        • Hardware Documentation
        • Threat Content
        • Unified Data Model
        • Videos
      • Downloads
      • Integrations
      • Knowledge Base
    • NetWitness Cloud SIEM
      • Advisories
      • Documentation
      • Knowledge Base
    • NetWitness Detect AI
      • Advisories
      • Documentation
      • Knowledge Base
    • NetWitness Investigator
    • NetWitness Orchestrator
      • Advisories
      • Documentation
      • Knowledge Base
      • Legacy NetWitness Orchestrator
        • Advisories
        • Documentation
  • Community
    • Blog
    • Discussions
    • Events
    • Idea Exchange
  • Support
    • Case Portal
      • Create New Case
      • View My Cases
      • View My Team's Cases
    • Community Support
      • Getting Started
      • News & Announcements
      • Community Support Forum
      • Community Support Articles
    • Product Life Cycle
    • Support Information
    • General Security Advisories
  • Training
    • Blog
    • Certification Program
    • Course Catalog
    • New Product Readiness
    • On-Demand Subscriptions
    • Student Resources
    • Upcoming Events
  • Technology Partners
  • Trust Center
Sign InRegister Now
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
NetWitness Knowledge Base
Find answers to your questions and identify resolutions for known issues with knowledge base articles written by NetWitness experts.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
  • NetWitness Community
  • Knowledge Base
  • How to access the RabbitMQ web interface to monitor and troubleshoot the event broker in RSA NetWitn...
  • Options
    • Subscribe to RSS Feed
    • Bookmark
    • Subscribe
    • Email to a Friend
    • Printer Friendly Page
    • Report Inappropriate Content

The content you are looking for has been archived. View related content below.

How to access the RabbitMQ web interface to monitor and troubleshoot the event broker in RSA NetWitness Platform

Article Number

000001305

Applies To

RSA Product Set: NetWitness Logs & Network
RSA Product/Service Type: 
Head Unit / Server, Log Collector, RabbitMQ Message Broker
RSA Version/Condition: 10.6.x, 11.x
Platform: CentOS

Issue

How to access the RabbitMQ web interface to monitor and troubleshoot the event broker on RSA NetWitness Log Collector.

Resolution

The RabbitMQ Message Broker is configured to only listen on the loopback address (127.0.0.1), even though the RabbitMQ Management Plugin is installed in the broker. For debugging purposes, it may be useful to view the Message Broker state through the RabbitMQ Management Plugin and your browser.

If SSH is enabled on your Log Collector node, you can tunnel the RabbitMQ management port (15671) through SSH, and connect to the RabbitMQ Management console through a Web browser.

Note: The RabbitMQ Message Broker listens only on port 5671 (AMQPS) and 15671 (HTTPS). The unprotected ports 5672 (AMQP) and 15672 (HTTP) are no longer available.

Unix instructions:
From your client machine, run an SSH tunnel which maps traffic from localhost:15671 on your Log Collector appliance to a port of your choice on your local machine (e.g., 12345). E.g., if your Log Collector appliance is at 10.1.2.3, then you would run the equivalent of:

          prompt% ssh -L12345:localhost:15671 root@10.1.2.3

You may now connect to the RabbitMQ console via https://localhost:12345


Windows instructions:
Open the Putty GUI and navigate to Connection -> SSH -> Tunnels
Enter the local source port of your choosing (e.g., 12345) in the Source Port window and 127.0.0.1:15671 in the Destination window.
Select 'Add'
Immediately navigate to Sessions and open an SSH connection to your LogCollector as normal. This will also open the tunnel.
You may now connect to the RabbitMQ console via https://localhost:12345

RabbitMQ web interface login credentials:
Username:  guest
Password:   guest

Tags (12)
  • Customer Support Article
  • KB Article
  • Knowledge Article
  • Knowledge Base
  • NetWitness
  • NetWitness Platform
  • NW
  • RSA NetWitness
  • RSA NetWitness Platform
  • RSA Security Analytics
  • Security Analytics
  • SIEM
0 Likes
Was this article helpful? Yes No
No ratings

In this article

Version history
Last update:
‎2022-02-10 02:06 PM
Updated by:
Administrator nwinfotech Administrator

Related Content

Powered by Khoros
  • Blog
  • Events
  • Discussions
  • Idea Exchange
  • Knowledge Base
  • Case Portal
  • Community Support
  • Product Life Cycle
  • Support Information
  • About the Community
  • Terms & Conditions
  • Privacy Statement
  • Acceptable Use Policy
  • Employee Login
© 2022 RSA Security LLC or its affiliates. All rights reserved.