The attached script can be used to pull inventory (serial numbers) from
all hosts in the NW environment. Using racadm it also pulls the
PowerVault Serial numbers for your storage (for old DAC storage, there
is no access to serial numbers via racadm)....
The RSA Professional Services Team has created many procedures and
scripts to aide in administration of the NetWitness Platform. These were
designed to make some aspects of system maintenance and operation easier
to perform, especially for large depl...
Change Note:The attached script for changing passwords across all
Netwitness hosts, has been updated due to changes in salt version in
11.4.SynopsisNormally resetting the root password is a simple task if
you’re logged in already with root privileges...
Updated for Version 12.x (backward compatible to 11.x) Scenario - Need
to remotely backup your NetWitness hosts to a central location, to
satisfy Disaster Recovery Requirements, perform a Tech Refreshes, or to
be prepared for RMA replacement of a dev...
Scenario - Due to a slow or unstable WAN link between host(s) and the NW
Admin Server (node-zero) host, installs and/or upgrades are failing to
complete successfully.Solution – External RepoCreate an external
netwitness repo that is closer to the hos...
Forget the instruction for the /etc/default/jetty.user file, it can only
cause issues if anything is not rightclear the jetty.user and add JUST
this line to it:JAVA_OPTIONS=`echo "${JAVA_OPTIONS}" | sed -E
's/Xms[0-9]+G/Xms16G/' | sed -E 's/Xmx[0-9]+...
how many hosts are in the deployment? I've experienced this in our
larger deployments (>100 hosts). you can adjust the JVM memory in the
/etc/netwitness//.conf file
Please note that in 12.x versions this should no longer be needed, use:
https://netwitness/nwrpmrepo//to access
the locally hosted feed on node0 (create a folder under
/var/netwitness/common/repo/ directory to host your feed files.
Great writeup and process, good info, might want to add an external
lookup to the site using https://ciphersuite.info/search/?q={0} for the
crypto key, to get more information on WHY the key is insecure or weak
Cody, One suggestion on the feed setup and change to the /etc/hosts
file. Since this is a chef controlled file, I'd suggest modifying the
/etc/hosts.user file to make the change and then run the chef job to
update the /etc/hosts file, from the /etc/h...
