RSA NetWitness Training



 (4.9) | 550 Ratings


Introduction


RSA NetWitness Training Details

Track | Regular Track | Weekend Track | Fast Track
Course Duration | 35 Hrs | 8 Weekends | 5 Days
Hours | 1hr/day | 2 Hours a day | 6 Hours a day
Training Mode | Online Classroom | Online Classroom | Online Classroom
Delivery | Instructor Led-Live | Instructor Led-Live | Instructor Led-Live


Course Curriculum

Overview of RSA NetWitness

  • What is RSA NetWitness Logs
  • RSA NetWitness Logs architecture
  • RSA NetWitness Logs Data flow
  • Log Deployment scenarios
  • Data sources
  • RSA NetWitness Logs user interface
  • Customizing the interface

Basics of Investigation

  • What is metadata?
  • Differentiating between the packets and logs
  • Differentiating between data and metadata
  • Customizing the investigation screens
  • Viewing reconstructed events
  • How to write simple and complex queries
  • Describing the purpose of meta key indexing
  • Customizing data and metadata displays
  • Creating data visualizations of RSA NetWitness Logs and Packets
  • Creating meta groups
  • Creating custom column groups
  • Using complex queries, drills and views to perform investigations

Configuring RSA NetWitness Logs

  • Administration Module Overview
  • Configuring services
  • Configuring Live
  • Configuration files
  • Configuring Event Stream Analysis (ESA)
  • Configuring Incident Management
  • Configuring the Reporting Engine
  • Configuring the Archiver
  • Configure the Context Hub
  • Explain the licensing model
  • Configuring Data Privacy

Creating Compliance Reports

  • Reporting data sources
  • Reporting components
  • Role-Based Access Control
  • Creating Charts
  • Creating compliance reports
  • Deploying compliance reports from Live

Refining the Dataset

  • Filtering data with rules
  • Metadata Taxonomy concepts
  • Description of how parsers populate meta keys
  • Using alerts and metadata to investigate potential threats
  • Using Application rules to create new meta
  • Using Correlation rules to create new meta
  • Deploying content from RSA Live to create new meta
  • Determining the cause of an incident

Creating Log Parsers

  • The meta framework
  • Introduction to parsers
  • Creating a log parser using ESI
  • Deploy a log parser
  • Debugging log parsers

Setting Up Data Collection

  • Setting up capture for log data
  • Setting up event source monitoring
  • Troubleshooting event source collection

Setting up collection for:

  • Syslog
  • File Reader
  • VMware
  • SDEE
  • SNMP
  • Windows
  • ODBC
  • Check Point
  • NetFlow
  • Validating data capture
  • Configuring log collection

For help and support: info@sacrostectservices.com. For inquiries, call: +91 996-629-7972 (IND)
