Monitor Event Sources

Note: For NetWitness 11.4.1, this view has been deprecated. To manage Event Sources, use the netwitness_adminicon_25x22.png (Admin) > Event Sources view. For details, see "About Event Source Management" in theNetWitness Event Source Management Guide.

The event source monitoring feature of NetWitness provides the following functionality:

  • Support for failover
  • A consolidated list of event sources and their associated Collector and Log Decoder devices
  • Regex support for rules
  • Decommission event source monitoring
  • Filtering capabilities
  • Historical graph

In addition, you can monitor event sources, check the number of events generated from a source type and view the historical graph of the events collected. To monitor event sources, you must configure the event sources so that they generate and send out notifications when required.