Windows Integration with RSA Security Analytics using WinRM over HTTPS – Step by Step Guide

Hello RSA Admins, As most of you know, integrating the windows event source with RSA security analytics is not that easy “straight forward”, or it’s hard to do it from the first time without any error, that’s because the integration depends on the windows configuration in the first place, and the windows vary from an …

Continue reading ‘Windows Integration with RSA Security Analytics using WinRM over HTTPS – Step by Step Guide’ »

Certificates disappear from the RSA SA GUI, but still available on the LogDecoder.

Hello RSA Admins, while I am try to upload a certificate in my Lab, I noticed that the Certificates disappear from the SA GUI suddenly, but still available on the LogDecoder. Most likely, this will happen if we uploaded a certificate to the RSA LogDecoder/Collector, that has the “subject” field empty when it was originally …

Continue reading ‘Certificates disappear from the RSA SA GUI, but still available on the LogDecoder.’ »

How to reset lockbox Password in RSA Security analytics Step by Step

Hello RSA Admins, In this topic we will discuss in details how to reset RSA security analytics Lockbox password, so here we go   Connect to the Log Collector appliance via SSH as the root user. Change directory to /etc/netwitness/ng/vault/ with the following command: cd /etc/netwitness/ng/vault Make a new directory to backup the existing lockbox …

Continue reading ‘How to reset lockbox Password in RSA Security analytics Step by Step’ »