RSA enVision Advanced Administration


  • Classroom
  • Virtual
  • Onsite
Duration: 5 Days

In this course, you will cover enVision data collection, reports, alerts, and Event Explorer in depth. You will learn how to configure enVision to collect data through non-syslog collection methodologies, and you will learn the best practices for reports and alerts. You will also create advanced charts and tables in Event Explorer.

What You Will Learn

  • enVision collection process, including troubleshooting techniques
  • Collection methodologies
  • Configure enVision to collect data from non-syslog event sources
  • Troubleshoot collection issues
  • Best practices for reports and alerts
  • Set up a security policy for reporting
  • Create reports that support the security policy
  • Plan a strategy for alerting
  • Create alerts using multithreading, cache variables, thresholds, and severity levels
  • Extract data in Event Explorer using charts and tables
  • Best practices for charts and tables
  • Event Trace data stores
  • Create charts using SQL in Event Explorer

Audience

Customers and partners administering the RSA enVision product

Prerequisites

RSA enVision Administration plus three to six months of experience using enVision

Course Outline

1. Configuring Data Collection

  • enVision collection process
  • Tips and techniques for troubleshooting the collection process
  • Configuring and troubleshooting LEA collection service
  • Configuring and troubleshooting SDEE collection service
  • Configuring and troubleshooting File Reader collection service
  • Configuring and troubleshooting Windows collection service
  • Configuring and troubleshooting Agentless Windows collection
  • Configuring and troubleshooting ODBC collection service
  • Configuring and troubleshooting SNMP collection service
  • VMware collector

2. Advanced Reporting

  • Security management reporting strategy
  • Best practices for reports
  • Reporting performance enhancements
  • Troubleshooting reports

3. Advanced Alerting

  • Alert strategy planning
  • Best practices for alerts
  • Rule-creation process
  • Advanced alerting techniques
  • Debugging correlation rules

4. Extracting Data Using Event Explorer

  • Exploring taxonomy in Event Explorer
  • Best practices for charts and tables
  • Event trace storage
  • Advanced charting using SQL
  • Data extraction using drill down and data points
  • Extracting data using advanced tables
  • Chart dashboard

Course Labs

In addition to lecture and demonstrations, this course includes hands-on labs designed to give you practical experience.