Context Hub Data Sources Tab
In the Data Sources tab, you can configure one or more data sources for Context Hub service. Navigate to 
Workflow
This workflow shows the procedure to configure data sources for Context Hub service to view contextual information in the Respond / Investigate views.
- The first task is to add a data source
- The second task is to configure data sources settings to enhance your deployment. This task is optional as the settings for each data source is already configured with default values for optimal performance.
- And the third task is to view and analyze the contextual information in the Context Summary panel of the Respond or Investigate views.
What do you want to do?
| Role | I want to ... | Show me how |
|---|---|---|
| Administrator | Configure Data Sources for Context Hub* |
Configure Lists as a Data Source Configure Archer as Data Source Configure Active Directory as a Data Source Configure NetWitness Endpoint as a Data Source Configure REST API as a Data Source |
| Administrator | Configure Hub Data Settings* | Configure Context Hub Data Source Settings |
| Analyst | View Contextual Information in Respond View |
See the NetWitness Respond User Guide. |
| Analyst | Add, create and delete list from the Respond or Investigate View |
See the NetWitness Respond User Guide. See the Investigate User Guide. |
|
Analyst |
Add or delete an entry from an existing list |
See the NetWitness Respond User Guide. |
*You can complete this task here (that is in the Context Hub Data Sources Tab.)
Related Topics
- Configure Lists as a Data Source
- Configure Archer as Data Source
- Configure Active Directory as a Data Source
- Configure NetWitness Endpoint as a Data Source
- Configure Respond as a Data Source
- Configure REST API as a Data Source
- Configure File Reputation Server as a Data Source
- Configure STIX as a Data Source
- Configure REST API as a Data Source
Quick Look
The following example illustrates how to add a data source for Context Hub service.
| 1 | Click  to display the Add Data Source dialog. |
| 2 | Displays the type of Data Source. |
| 3 | Name that identifies the Data Source. |
| 4 | The IP address or hostname of the data source. |
| 5 | The connection port for the data source. |
| 6 | Opens the Configure Settings dialog. You can view and edit the settings to be displayed on the Context Summary panel in the Respond or Investigate views. |
| 7 | Click Test Connection to verify that the host is connected to the Context Hub service. |
Toolbar
The following table describes the toolbar actions.
| Feature | Description |
|---|---|
|
Opens the Add Data Source dialog so that you can add a data source. You can add only one data source of each type. Except in case of Lists and Active Directory data sources which can be added in multiples. For detailed instructions to add a data source, see Configure Lists as a Data Source. |
 |
Delete a data source. If you delete a data source, Context Hub does not consider the deleted service as a data source. All contextual information fetched previously will not be available. |
 |
Opens the Edit Data Source dialog. |
 |
Opens the Configure Settings dialog. You can view and edit the settings for the data sources. For description of each field in Configure Responses dialog, see Configure Context Hub Data Source Settings . |
Data Source Configurations
The following table describes the listed configurations.
| Feature | Description |
|---|---|
| Enabled |
Indicates whether the data source is enabled or disabled. A solid colored green circle indicates that data source is enabled ( |
| Type |
The type of data source. For example, Lists, Archer, Active Directory, Endpoint, Respond, REST API or File Reputation server. |
| Name |
The unique name to identify the data source. For example, Respond. |
| Address |
The IP address or hostname of the data source. |
| Port |
The connection port for the data source and vary based on the data source being added. For example, for Endpoint the port is 9443, for Lists the port is 80 and so on. |
