.png?width=180&height=32&name=NW%20Logo%20(2).png){kind=small}
QuickStart
What is NetWitness UEBA?
NetWitness UEBA (User and Entity Behavior Analytics) is an advanced analytics solution for discovering, investigating, and monitoring risky behaviors across all users and entities in your network environment. NetWitness UEBA is used for following reasons:
- Detecting malicious and rogue users
- Pinpointing high-risk behaviors
- Discovering attacks
- Investigating emerging security threats
- Identify potential attacker activity
About this Guide
This guide provides end-to-end instructions to configure NetWitness UEBA and to use UEBA features.
Getting Started
The following tasks can be performed in any sequence.
Setup and Installation
You can setup and install NetWitness UEBA by performing Standalone Installation and Fresh Installation.
Standalone Installation
The following tasks must be performed in the following sequence.
Fresh Installation
The following tasks needs to be performed in the following sequence.
Update
The following tasks must be performed in the following sequence.
Investigation
The following tasks can be performed in any sequence.
Monitoring
The following tasks can be performed in any sequence.
Getting Help with NetWitness Platform
There are several options that provide you with help as you need it for installing and using NetWitness:
- See the documentation for all aspects of NetWitness here: https://community.netwitness.com/s/netwitness-platform-documentation
- Use the Search and Create a Post fields in NetWitness Community portal to find specific information here: https://community.netwitness.com/t5/netwitness-discussions/bd-p/netwitness-discussions
- See the NetWitness Knowledge Base: https://community.netwitness.com/t5/netwitness-knowledge-base/tkb-p/netwitness-knowledge-base
- See Troubleshooting section in the guides.
- See also NetWitness® Platform Blog Posts.
- If you need further assistance, contact NetWitness Support.
Use these links to access documentation that is not related to a particular version of the software:
- Hardware setup guides: https://community.netwitness.com/t5/netwitness-platform-hardware/tkb-p/netwitness-hardware-documentation
- Documentation support for features such as feeds, parsers, application rules, and reports: https://community.netwitness.com/t5/threat-intelligence/ct-p/threat-intelligence.