RSA Netwitness
App Vendor: RSA Security
Connector Category: Vulnerability Management
Connector Version: 1.0.2
API Version: 1.0.0
About App
The RSA Netwitness integrates with Orchestrate to enable organizations with incident response management. Analysts can quickly detect and respond to network threats in real-time.
The RSA Netwitness app in the Orchestrate application can perform the following actions:
Action Name | Description |
|---|---|
Collect Incident Logs | This action collects incident logs from RSA Archer. |
Get RSA Archer Incident | This action retrieves RSA Archer Incident Details. |
Retrieve a pcap file | This action retrieves a pcap file from RSA Netwitness. |
Search for an alert in the RSA Archer | This action searches for a triggered alert. |
Search for an event in a triggered alert in RSA Archer | This action searches for an event in a triggered alert in RSA Archer. |
Upload a parser/feed to RSA Netwitness | This action uploads Parsers and Feeds to RSA Netwitness. |
Configuration Parameters
The following configuration parameters are required for the RSA Netwitness app to communicate with the RSA Netwitness enterprise application. The parameters can be configured by creating instances in the app.
Parameter | Description | Field Type | Required / Optional | Comments |
|---|---|---|---|---|
IP | Enter the IP address of RSA Netwitness. | Text | Required | |
User Name | Enter the user name. | Text | Required | |
Password | Enter the password. | Text | Required | |
Port | Enter the port number in which RSA Netwitness is accessible. | Text | Required |