This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject

NetWitness Community

  • Home
  • Products
    • NetWitness Platform
      • Advisories
      • Documentation
        • Platform Documentation
        • Known Issues
        • Security Fixes
        • Hardware Documentation
        • Threat Content
        • Unified Data Model
        • Videos
      • Downloads
      • Integrations
      • Knowledge Base
    • NetWitness Cloud SIEM
      • Advisories
      • Documentation
      • Knowledge Base
    • NetWitness Detect AI
      • Advisories
      • Documentation
      • Knowledge Base
    • NetWitness Investigator
    • NetWitness Orchestrator
      • Advisories
      • Documentation
      • Knowledge Base
      • Legacy NetWitness Orchestrator
        • Advisories
        • Documentation
  • Community
    • Blog
    • Discussions
    • Events
    • Idea Exchange
  • Support
    • Case Portal
      • Create New Case
      • View My Cases
      • View My Team's Cases
    • Community Support
      • Getting Started
      • News & Announcements
      • Community Support Forum
      • Community Support Articles
    • Product Life Cycle
    • Support Information
    • General Security Advisories
  • Training
    • Blog
    • Certification Program
    • Course Catalog
    • New Product Readiness
    • On-Demand Subscriptions
    • Student Resources
    • Upcoming Events
  • Technology Partners
  • Trust Center
Sign InRegister Now
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
socuser
socuser Occasional Contributor
Occasional Contributor
since ‎2019-06-21
yesterday

User Statistics

  • 38 Posts
  • 0 Solutions
  • 6 Likes given
  • 1 Likes received
Narrator
Conversationalist
Time Honored
Frequent Flyer
View all badges
Announcement Banner

Users are unable to open Netwitness Support Cases via email. Please open support cases via portal or by phone

View Details
  • NetWitness Community
  • About socuser

User Activity

  • Posts
  • Replies

Using IP List in ESA Rule

by socuser 2022-03-22 general.in NetWitness Discussions • latest reply by drewjc 2022-04-04
2022-03-22
Hi Team, I has a list of Suspicious IP List, I need to create a Alert rule which triggered based on the connection from Suspcious IP, Inside ESA rule i need to use LIST feature , pls help us on this requirement Thanks, SOCUSER

AD authentication in SIEM

by socuser 2022-03-15 general.in NetWitness Discussions
2022-03-15
Hi Team, As a Compliance requirement , we must authenticate with AD Login into SIEM please help us the steps to configure AD Authentication in RSA Netwitness. Thanks & Regards, SOCTEAM

SYSLOG in Encrypted Channel

by socuser 2022-01-14 general.in NetWitness Discussions • latest reply by VincentWareham 2022-02-22
2022-01-14
Dear Team, Our Critical Event Source is in Cloud, we need to forward those logs to our VLC, we have achieved this in syslog via UDP 514 Port ,logs are forwarded to VLC. But we want logs to be forward in encrypted SSL channel because log collection is...

Ship Archiver Data to New NAS

by socuser 2022-01-09 general.in NetWitness Discussions • latest reply by sravan.koneti 2022-03-19
2022-01-09
Hi Team, We have a Temporary NAS Mounted to Archiver for 6 months , now we received new Permanent NAS Solution, we need to move all the Data from Temporary NAS to Permanent NAS, is their any easy way to achieve this. we need to move 60 TB of data to ...

Alert is not Grouping Properly as Incident

by socuser 2022-01-06 general.in NetWitness Discussions • latest reply by ksk2021 Thursday
2022-01-06
Hi Team, Alerts are not grouping into a Single Incident, In Incident Rule we are grouping Alerts based on the Source IP within in one hour. In that case of 1 hours , all the alerts relates to the source IP should be grouped under one Incident but it ...
View more

Re: Ship Archiver Data to New NAS

by socuser 2022-03-19 general.in NetWitness Discussions
2022-03-19
HI Sravan , Currently our Archiver is mounted with temporary NAS Storage as warm storage, and we got permanent NAS Storage solution and we have mounted it successfully. We need to migrate the old data from temporary NAS to Permanent NAS ASAP because ...

Re: RSA Netwitness Respond API Accesstoken

by socuser 2021-12-19 general.in NetWitness Discussions
2021-12-19
Hi Helmut Wahrmann, Thanks for the response, may I know the expire time frame, it not mentioned in the Document anywhere.

Re: Permission denied (publickey,gssapi-keyex,gssapi-with-mic,password) on filecolection using sasftpagent.sh

by socuser 2021-11-08 general.in NetWitness Discussions
2021-11-08
thanks for the replay @sravan.koneti , Got solved in Support Case 

Re: NwRecovery Backup fails

by socuser 2021-08-13 general.in NetWitness Discussions
2021-08-13
Hi John , thanks for the input shared it works like germ

Re: Mongodb update field value

by socuser 2021-04-06 general.in NetWitness Discussions • latest reply by JoshRandall 2021-04-07
2021-04-06
Dear Mongo, Even I tried changing the Status from New to Assigned with valid Status value , Mongodb updated successful but RSA Netwitness Respondtab is not working properly for that changed incidents, PFA of Valid Incident status values and incident ...
View more
Likes from
User Count
JoshRandall
Valued Contributor JoshRandall Valued Contributor
1
View all
Likes given to
User Count
Anonymous
1
JohnSnider
Trusted Contributor JohnSnider Trusted Contributor
1
AaronMartin2
Employee AaronMartin2
1
JaimeMoscosoSOC
JaimeMoscosoSOC Contributor
1
NetWitnessTeam
Employee NetWitnessTeam
1
View all
Powered by Khoros
  • Blog
  • Events
  • Discussions
  • Idea Exchange
  • Knowledge Base
  • Case Portal
  • Community Support
  • Product Life Cycle
  • Support Information
  • About the Community
  • Terms & Conditions
  • Privacy Statement
  • Acceptable Use Policy
  • Employee Login
© 2022 RSA Security LLC or its affiliates. All rights reserved.