Configuring an ArchiverConfiguring an Archiver
The NetWitness Archiver is an appliance that enables long-term log archiving by indexing and compressing log data and sending it to Archiving storage. The Archiving storage is then optimized for long-term data retention and compliance reporting.
Archiver stores raw logs and log meta from Log Decoders for long-term retention and it uses Direct-Attached Capacity (DAC) for storage.
Note: Raw packet and packet meta are not stored in the Archiver.
PrerequisitesPrerequisites
Ensure that you have:
- Installed the Archiver host in your network environment.
- Installed and configured Log Decoder in your network environment.
If you want to configure multiple Archiver or Concentrator services as a group and share the aggregation tasks between them, refer to Group Aggregation in the Deployment Guide.
WorkflowWorkflow
This workflow illustrates the end-to-end installation and configuration process for an Archiver.
The following table describes the basic steps for configuring an Archiver.The tasks must be completed in the sequence they are given.
| Configuration Step | Description |
|---|---|
| Edit the Archiver Service |
Provides information on how to add an Archiver service to the Archiver host and apply a license to it. |
| Add Log Decoder as a Data Source to Archiver |
Provides instructions on how to add a Log Decoder to an Archiver. |
|
Provides instructions on how to configure storage and log retention on an Archiver. |
|
| Add Archiver as a Data Source to Reporting Engine | Provides instructions on how to add an Archiver as a data source to Reporting Engine to generate reports for the data collected by an Archiver. |
|
Provides instructions on how to configure the alert mechanism related to Archiver storage. |
