Logging in to NetWitness Platform

Note: NetWitness supports modern (or current) versions of Google Chrome, Mozilla Firefox, Microsoft Edge, and Apple Safari. It is possible to use a different browser, but some features may not function as expected. Internet Explorer is no longer supported.

Logging in to NetWitness can vary based on your environment. You may have an internal user account or an external user account. Internal user accounts are local to the NetWitness and internal users can log in to NetWitness and receive role-based permissions. External user accounts authenticate outside of the NetWitness and are mapped to NetWitness roles. If you are an external user and you cannot access NetWitness or view the information that you need, contact your System Administrator. Your Administrator can assign the appropriate roles to your account.

The NetWitness Platform  also supports Single Sign-On authentication (SSO) using Security Assertion Markup Language 2.0 (SAML 2.0) protocol with Active Directory Federation Services (ADFS) as the Identity Provider.

If SSO authentication is enabled by your administrator, you will be redirected to the Identity Provider User Interface instead of the default NetWitness login page. After you enter the username and password you will be securely logged into NetWitness Platform.

Note: Single Sign-On (SSO) authentication can be used to access the NetWitness Platform  UI, and Analyst UI Deployment.

  1. Use the icon provided by your Administrator, or type the following in your web browser:
    https://<hostname or IP address>/login
    Where <hostname or IP address> is the hostname or the IP address of your NetWitness server.
    If Single Sign-On authentication is enabled, this redirects you to the ADFS login screen.
  2. Enter the username and password, and then click Sign in.
    If the login is successful, you will be logged into the landing page specified in the user preferences.

Note: If you had previously authenticated to any other application configured to the same IDP, then you may be redirected to the requested NetWitness Platform UI without being prompted for the credentials.

If you are locked out

Note: This information applies to internal accounts only. It does not apply to Active Directory or PAM accounts.

If you try too many times to log in with an incorrect username or password, your account will be locked. Contact your Administrator to unlock your account.

If you have a new account or your account is expired

Note: This procedure applies to internal accounts only. It does not apply to Active Directory or PAM accounts.

  1. In the dialog to create a new password, enter your old password, type a new password, and confirm it. Password format rules (as defined by your system administrator) are provided on the left and your new password must conform to the indicated format rules.
    125_Change_Password_0824_1123x826.png
  2. Click Change Password.

If you do not have the appropriate access to NetWitness

If you are able to log in successfully, but you are not able to view the information that you need, it is possible that you need a user role assigned to your user account. Contact your NetWitness Administrator for assistance.

Log Off NetWitness Platform

To log off from the Respond and some Investigate views

  1. In the main menu bar, select your username, for example, netwitness_admin_icon_59x17.png.
  2. In the User Preferences, click Sign Out.

To log off from the other views

In the main menu bar, select your username and then select Sign Out.