.png?width=180&height=32&name=NW%20Logo%20(2).png){kind=small}
Issue
How to test the Connectivity between Endpoint Agents and Endpoint Server for Endpoint Collection.
Tasks
This article explains how to test the connectivity between the Endpoint Windows Agents and EndPoint Server on TCP/443 and UDP/444 used for EndPoint Collection.
Resolution
In order to collect Endpoint data from the Agents, communication should be on TCP/443 and UDP/444 in the direction from the Agent to the EPLH Server as per Network Architecture and Ports ( https://community.rsa.com/docs/DOC-83050).So in order to test the communication, run the below commands on CMD:
C:\Users\Administrator>cd\
C:\>cd Windows
C:\Windows>cd System32
C:\Windows\System32>NWEAgent.exe/testnet
C:\>cd Windows
C:\Windows>cd System32
C:\Windows\System32>NWEAgent.exe/testnet
The output should be something like the below screenshot.
Notes
For Windows and File Log Collection, we need to open different ports.
Product Details
RSA Product Set: RSA NetWitness PlatformRSA Product/Service Type: Endpoint Log Hybrid
RSA Version/Condition: 11.3.x and 11.4.x
Platform: CentOS 7
Approval Reviewer Queue
RSA NetWitness Suite Approval Queue