This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject

NetWitness Community

  • Home
  • Products
    • NetWitness Platform
      • Advisories
      • Documentation
        • Platform Documentation
        • Known Issues
        • Security Fixes
        • Hardware Documentation
        • Threat Content
        • Unified Data Model
        • Videos
      • Downloads
      • Integrations
      • Knowledge Base
    • NetWitness Cloud SIEM
      • Advisories
      • Documentation
      • Knowledge Base
    • NetWitness Detect AI
      • Advisories
      • Documentation
      • Knowledge Base
    • NetWitness Investigator
    • NetWitness Orchestrator
      • Advisories
      • Documentation
      • Knowledge Base
      • Legacy NetWitness Orchestrator
        • Advisories
        • Documentation
  • Community
    • Blog
    • Discussions
    • Events
    • Idea Exchange
  • Support
    • Case Portal
      • Create New Case
      • View My Cases
      • View My Team's Cases
    • Community Support
      • Getting Started
      • News & Announcements
      • Community Support Forum
      • Community Support Articles
    • Product Life Cycle
    • Support Information
    • General Security Advisories
  • Training
    • Blog
    • Certification Program
    • Course Catalog
    • New Product Readiness
    • On-Demand Subscriptions
    • Student Resources
    • Upcoming Events
  • Technology Partners
  • Trust Center
Sign InRegister Now
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
NetWitness Platform Documentation
Browse the official NetWitness Platform documentation for helpful tutorials, step-by-step instructions, and other valuable resources.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
  • NetWitness Community
  • Products
  • NetWitness Platform
  • Documentation
  • Options
    • Subscribe
    • English
    • French (Français)
    • German (Deutsche)
    • Japanese (日本人)
    • Spanish (Español)
Versions
Collections
All Downloads

Table of Contents

  •   Release Notes
    •   Release Notes 11.7
    •   Release Notes 11.7.0.1
    •   Release Notes 11.7.0.2
    •   Release Notes 11.7.1
    •   Known Issues
    •   Security Fixes
  •   Getting Started
    •   RSA NetWitness Platform
      •   Introduction
      •   User Roles
      •   Basic Navigation
      •   Logs and Network Investigation
      •   Endpoint Investigation
      •   User Entity Behavior Analysis
      •   Common Use Cases and Business Value
    •   Feeds, Parsers and Hunting Packs
      •   Content Quick Start Guide
      •   Network Data and Logs Hunting Guide
      •   UEBA Essentials Hunting Guide
      •   UEBA Essentials Hunting Pack
      •   Content Bundles (Packs)
      •   Investigation Model for Information Security Incident Response
      •   Investigation Feed
      •   Simple Feed Creation
      •   A Treatise on Writing Packet Parsers
      •   Log Parser Customization
      •   All RSA Content Information
  •   Install and Upgrade
    •   Understand the Architecture and Plan
      •   Look at Deployment from a High Level
      •   Choose Your Deployment Options
      •   Review the Architecture and Ports
      •   Third-Party Licenses
    •   Understand Licenses
      •   Understand NetWitness Licenses
    •   Download RSA NetWitness Platform Software
      •   View All Downloads
    •   Install on a Physical Host
      •   Set up Hardware
      •   Physical Host Installation
      •   Create a Build Stick
      •   Configure and Allocate Storage
    •   Install on an On-Premise Host
      •   Install on an On-Premise Virtual Host
      •   Configure and Allocate Storage
      •   Deploy Health and Wellness (BETA) on a Dedicated Virtual Host
    •   Install in the Cloud
      •   Install on an AWS Instance
      •   Install on an Azure Virtual Machine
      •   Install on a Google Cloud Platform Instance
      •   Configure and Allocate Storage
    •   Install Endpoints
      •   About Insights and Advanced Endpoint Agents
      •   Install an Endpoint Server
      •   Install Endpoint Agents
      •   Install and Configure an Endpoint Relay Server
      •   Migrate Version 4.4.0.x to RSA NetWitness Platform
    •   Install Standalone UEBA Server
      •   Install NetWitness UEBA
      •   Integrate with Third-Party SIEM
    •   Install Platform Licenses
      •   Understand How Licensing Works
      •   Understand License Types
      •   Install Product Licenses
    •   Upgrade from 11.x to 11.x
      •   11.x Physical or Virtual Host to Version 11.7
  •   Configure and Manage
    •   Basic Services
      •   Understand Hosts and Services
      •   Deploy Hosts and Install Services
      •   Services Configuration Properties
    •   Configure Live Services
    •   Configure Network Data Capture
      •   Configure a Network Decoder
      •   Configure a Broker or Concentrator
      •   Start and Stop Data Capture
      •   Filter Data and Set Up Alert Rules
      •   Configure Feeds and Parsers
      •   Configure Warehouse Connector
      •   Tuning your Core Database
    •   Configure Log Collection
      •   Capture Data
      •   Basic Log Collection
      •   Supported Event Sources
      •   Event Sources for Log Collection
      •   Search for Specific Event Sources
      •   Windows Legacy Collector
      •   Customize Log Parsers
      •   Edit Log Parsers
      •   Archive Log Data
      •   Configure Workbench
      •   Enable Endpoints for Log Collection
      •   Integration with LogStash
      •   Event Export Connector Installation and Configuration Guide
    •   Configure Endpoint Data Collection
      •   Configure the Endpoint Log Hybrid
      •   Forward Endpoint Data to a Log Decoder
      •   Define Agent Behavior
      •   Risk Score Calculation
      •   Monitor Endpoints outside Your Network
      •   NetWitness Endpoint 4.4
    •   Configure UEBA
    •   Configure Real-Time Analysis, Enrichment Lookup, and Automated Threat Detection
      •   Event Stream Analytics
      •   Best Practices for Writing ESA Rules
      •   Enrichment Lookup Capability
      •   Automated Threat Detection
    •   Configure Incident Management Capability
      •   Incident Response Settings
    •   Configure Application Settings
      •   Configure Access, Notification, Logging, Investigation, Live, and Syslog Settings
      •   Configure Your Dashboard
      •   Review the Dashboards Catalog
    •   Configure Reports
      •   Set Up RSA NetWitness for Report Generation
      •   Generate Reports
      •   Review Reports
      •   Review Core Compliance Reports
    •   Configure Security and User Access
      •   Secure the RSA NetWitness Platform Network
      •   Set Up System-Level Security Settings
      •   Change the Default Admin Password
      •   Configure External Authentication
      •   Configure PKI Authentication
      •   Use a Custom Server Certificate
      •   Manage Users with Roles and Permissions
      •   Implement Data Privacy
    •   Configure Your System
    •   Maintain the System
      •   Monitor Health and Wellness
      •   Monitor Health and Wellness Using Kibana
      •   Reissue Certificates
      •   Track License Usage
      •   Tune Core Database Performance
      •   Manage Periodic Backups and Incidental Restoring
  •   Investigate and Respond
    •   Respond to Incidents
      •   Incident Management
      •   Use Case Examples
    •   Configure System and View Investigate Settings
      •   Configure Query and Session Attributes for Analysts
      •   Configure Global Default Settings and Limits for Investigate
      •   Configure Navigate and Legacy Events View Settings (User Preference)
      •   Configure Events View Settings (User Preference)
      •   Configure Malware Analysis View Settings (User Preference)
    •   Investigate Network Data and Logs
      •   Search for Text Patterns
      •   Use Query Hints in the Events View
      •   Conduct Malware Analysis
    •   Investigate Endpoints
      •   Investigate Endpoints
      •   Isolate a Host from the Network
    •   Analyze User and Entity Behavior
  •   Integrate and Develop
    •   NetWitness Integrations
      •   Integrations Catalog
      •   Integrate with Archer
      •   Integrate with SecurID
      •   Integrate with NetWitness Endpoints
    •   Developer Tools
      •   NetWitness APIs
      •   RESTful API
      •   Core Services APIs
      •   Use the NwConsole
      •   Use the nw-shell Utility to Troubleshoot Operations

Product Resources

  •   Advisories
    •   NetWitness Platform
      •   Product Advisories
      •   Security Advisories
      •   Service Notifications
      •   Technical Advisories
    •   NetWitness Orchestrator
      •   Product Advisories
      •   Security Advisories
      •   Service Notifications
      •   Technical Advisories
  •   Blog
  •   Discussions
  •   Documentation
    •   NetWitness Platform
    •   Cloud SIEM
    •   Detect AI
    •   Hardware Setup Guides
    •   Investigator
    •   Orchestrator
    •   Threat Intelligence
  •   Downloads
    •   RSA NetWitness Platform
    •   RSA NetWitness Investigator
    •   RSA NetWitness Endpoint
  •   Events
  •   Ideas
  •   Integrations
  •   Knowledge Base
    •   NetWitness Platform
    •   NetWitness Endpoint 4.x
  •   Training
  •   Videos
Introduction

NetWitness® Platform 11.7

NetWitness is excited to announce the general availability of NetWitness Platform 11.7 which delivers powerful new analyst features for network detection and response (NDR), enhanced investigative workflow, enhanced endpoint management, upgrade checks and improved administration.

 

Security Fixes in the Release 

Known Issues in the Release

Release Notes
Release Notes
Release Notes for 11.7.1
Apr 18, 2022
Release Notes for 11.7.0.2
Mar 29, 2022
Release Notes for NetWitness 11.7 Language Pack
Mar 18, 2022
Release Notes for 11.7.0.1
Feb 22, 2022
Release Notes for 11.7
Nov 10, 2021
View All
Installation and Upgrade
Installation and Upgrade
Virtual Host Installation Guide for 11.7
May 18, 2022
Storage Guide for 11.7
Apr 20, 2022
UEBA Standalone Installation Guide for 11.7
Apr 13, 2022
AWS Installation Guide for 11.7
Apr 12, 2022
Azure Installation Guide for 11.7
Apr 12, 2022
View All
Administration
Administration
System Maintenance Guide for 11.7
Apr 13, 2022
Data Privacy Management Guide for 11.7
Apr 12, 2022
Core Database Tuning Guide for 11.7
Apr 12, 2022
Licensing Management Guide for 11.7
Apr 12, 2022
Recovery Tool User Guide for 11.7
Apr 12, 2022
View All
Configuration
Configuration
Warehouse Connector Configuration Guide for 11.7
Apr 13, 2022
Broker and Concentrator Configuration Guide for 11.7
Apr 12, 2022
Context Hub Configuration Guide for 11.7
Apr 12, 2022
ESA Configuration Guide for 11.7
Apr 12, 2022
Event Source Management Guide for 11.7
Apr 12, 2022
View All
Integration
Integration
NwConsole User Guide for 11.7
Apr 12, 2022
RESTful API User Guide for 11.7
Apr 11, 2022
NetWitness Shell User Guide for 11.7
Nov 10, 2021
Core Services API Guide for 11.7
Nov 10, 2021
Archer Integration Guide for 11.7
Nov 8, 2021
View All
Security Configuration Guides
Security Configuration Guides
Security Configuration Guide for 11.7
Apr 12, 2022
View All
User Guides
User Guides
UEBA User Guide for 11.7
Apr 13, 2022
UEBA Quick Start Guide for 11.7
Apr 13, 2022
Endpoint Quick Start Guide for 11.7
Apr 12, 2022
Alerting with ESA Correlation Rules User Guide for 11.7
Apr 12, 2022
Investigate Quick Start Guide for 11.7
Apr 12, 2022
View All

On this page

Powered by Khoros
  • Blog
  • Events
  • Discussions
  • Idea Exchange
  • Knowledge Base
  • Case Portal
  • Community Support
  • Product Life Cycle
  • Support Information
  • About the Community
  • Terms & Conditions
  • Privacy Statement
  • Acceptable Use Policy
  • Employee Login
© 2022 RSA Security LLC or its affiliates. All rights reserved.