RSA New Witness

RSA New Witness is a powerful security tool developed by RSA Security that helps organizations detect and respond to threats from within their network. It provides advanced analytics, such as machine learning, to quickly identify malicious activity and alert users of potential issues.

Apica helps you to forward logs to the RSA New Witness using the forwarder plugin.

Supported Forwarding Formats

Apica enables users to quickly and easily forward logs in various formats to security tools, simplifying processing and analysis. The supported formats are,

Syslog
Syslog CEF

Steps to Create Arc Sight Forwarding

Expand the Create menu from the navigation bar and click Forwarder
Select the RSA New Witness based on the type of format you want to use
Click New Forwarder button in the top right corner
Provide the host of the New Witness and the name of the forwarder
Click Create

Once the forwarder is associated with a specific namespace/application or with various log attributes, the logs that match these criteria will be sent to RSA New Witness for further analysis.

PreviousArc Sight

Last updated 1 year ago