NetWitness Platform Online Documentation

Browse the official NetWitness Platform Online documentation for helpful tutorials, step-by-step instructions, and other valuable resources.

Options

Subscribe to RSS Feed

Bookmark

Subscribe

Printer Friendly Page

Report Inappropriate Content

Versions

Collections

All Downloads

Configure OPSWAT

OPSWAT (MetaDefender Core) provides advanced malware detection capabilities by scanning files with multiple anti-malware engines simultaneously. OPSWAT is disabled by default. As an administrator, you can enable and configure OPSWAT on the endpoint servers.

Note: You need to deploy the following OPSWAT app rules from Live services to log decoder for successful configuration of OPSWAT on endpoint servers:

opswat reported infected
opswat reported suspicious
process with opswat reported suspicious
process with opswat reported infected

IMPORTANT: Ensure that OPSWAT is configured in all endpoint servers and the configuration parameters are consistent across all endpoint servers.

To enable and configure OPSWAT:

Go to (Admin) > Services.
In the Services view, select the Endpoint Server service.
Click and select View > Config.
Click the 3rd Party Scan tab.
Select Enable OPSWAT Scan.
Enter the URL.
Click Save Configure.

NetWitness Community

Table of Contents

Product Resources

Configure OPSWAT

On this page