Configure Collection Protocols and Event Sources
This topic tells you how to configure collection protocols and the event sources using those protocols.
You configure the Log Collector to collect event data from your event sources in the Event Sources tab of the Log Collection parameter view.
To configure a collection protocol:
- Go to
(Admin) > Services from the NetWitness menu.
- Select a Log Collection service.
- Under Actions, select
> View > Config to display the Log Collection configuration parameter tabs.
-
Click the Event Sources tab.
- Select a collection protocol (for example, File) and select Config.
- Click
and select an event source.
- Select the newly added category and click
- Specify the parameters for the event source. For details, see the individual collection protocol topics.
The following guides provide detailed instructions on how to configure the collection protocols and their associated event sources in NetWitness. Each guide includes an index to configuration instructions for the event sources supported for that collection protocol.
To configure individual collection protocols, see the following topics:
- Configure AWS (CloudTrail) Event Sources in NetWitness
- Configure Azure Event Sources in NetWitness
- Configure Check Point Event Sources in NetWitness
- Configure File Event Sources in NetWitness
- Configure Netflow Event Sources in NetWitness
- Configure ODBC Event Sources in NetWitness
- Configure SDEE Event Sources in NetWitness
- Configure SNMP Event Sources in NetWitness
- Configure Syslog Event Sources
- Configure VMware Event Sources in NetWitness
- Configure Windows Event Sources in NetWitness
- Windows Legacy and NetApp Collection Configuration
- Configure Logstash Event Sources in NetWitness
