RSA NetWitness Administration

Have Queries? Ask us +91 72592 22234

Course Overview

The RSA NetWitness Administration training course focuses on administration of the RSA NetWitness product. This course provides an overview of RSA NetWitness, hands-on installation and configuration of components, including a Log Decoder, managing users, and creating filters and rules. Additionally, the RSA NetWitness Administration course covers integration with other products, monitoring capabilities and troubleshooting of common issues.

Course Content

RSA NetWitness Overview   

  • RSA NetWitness architecture
  • RSA NetWitness components
  • Data flow between components

Appliance Setup and Software Installation   

  • RSA NetWitness appliance setup
  • RSA NetWitness software components

Configuring RSA NetWitness   

  • Managing Services
  • Configuring and Managing Devices
  • Setting up data collection of packets and logs
  • Viewing packets and logs in Investigator

RSA NetWitness Live   

  • RSA NetWitness Live Overview
  • Configuring NetWitness Live subscriptions
  • Managing a Live feed

Managing Users   

  • User management interface
  • User groups and roles
  • Creating users and groups
  • Viewing groups and roles
  • Configuring external authentication
  • Editing user settings
  • Informer roles
  • Creating Informer Users

Creating Rules and Filters   

  • Rules, filters, feeds and parsers
  • Decoder filters and Informer rules
  • Best practices for creating filters and rules
  • Creating Decoder filters
  • Creating Informer rules and alerts
  • Creating a feed
  • Pushing a rule to the Decoder
  • Reprocessing a collection

Integrating RSA NetWitness with Other Products   

  • NetWitness SIEM link
  • Setting up Informer to communicate with SIEM products
  • Connecting to HP ArcSight
  • The RSA enVision Connector

Monitoring RSA NetWitness   

  • Tools that can be used to monitor RSA NetWitness components
  • Configuring SNMP
  • Monitoring NetWitness components for performance and efficiency
  • Tips and best practices for tuning the Decoder, Concentrator, Broker and Informer
  • Methods for viewing and modifying logs

Troubleshooting RSA NetWitness   

  • Common problems
  • Investigating and resolving common problems
  • Troubleshooting tools

Customer Reviews

Thanks to Xpertised and the tutor who walked me through all the topics with Practical exposure which is helping me in my current project.

Course was quite helpful in terms of understanding of concepts and practicality. Its really a very friendly environment to learn. The timing were mutually chosen, as we both are working professional. I am quite satisfied with the course.


For Batch Details
Call us at: +91 7259222234

Not sure? Consult Our Experts

Looking for a Training for


My Team/Organization

I agree to be contacted over mail or phone

Call us at: +91 7259222234