Returns the available NetWitness SA users to be assigned to incidents.
RSA NetWitness Security Analytics
- Details
- Content
- Dependencies
- Version History
RSA Security Analytics, compatible with prior to v11. A distributed and modular system that enables highly flexible deployment architectures that scale with the needs of the organization. Security Analytics allows administrators to collect two types of data from the network infrastructure, packet data and log data.
Automations
| Name | Description |
|---|---|
| NetwitnessSAGetAvailableAssignees | |
| NetwitnessSACreateIncident | Create an incident inside NetWitness SA from a set of NetWitness events. |
NetwitnessSAGetComponents | Get a list of components in the NetWitness architecture. |
NetwitnessSAListIncidents | List NetWitness SA incidents. Filtering and sorting the list is also supported (see optional arguments). |
| NetwitnessSAAddEventsToIncident | This command will add new events to an existing NetWitness SA incident. |
NetwitnessSAGetEvents | Returns all the RSA NetWitness SA events in the defined time range. |
Integrations
| Name | Description |
|---|---|
| RSA NetWitness Security Analytics | RSA Security Analytics, compatible with prior to v11. A distributed and modular system that enables highly flexible deployment architectures that scale with the needs of the organization. Security Analytics allows administrators to collect two types of data from the network infrastructure, packet data and log data. |
Automations
| Name | Description |
|---|---|
| NetwitnessSAAddEventsToIncident | This command will add new events to an existing NetWitness SA incident. |
NetwitnessSAGetEvents | Returns all the RSA NetWitness SA events in the defined time range. |
NetwitnessSAGetComponents | Get a list of components in the NetWitness architecture. |
| NetwitnessSAGetAvailableAssignees | Returns the available NetWitness SA users to be assigned to incidents. |
NetwitnessSAListIncidents | List NetWitness SA incidents. Filtering and sorting the list is also supported (see optional arguments). |
| NetwitnessSACreateIncident | Create an incident inside NetWitness SA from a set of NetWitness events. |
Integrations
| Name | Description |
|---|---|
| RSA NetWitness Security Analytics | RSA Security Analytics, compatible with prior to v11. A distributed and modular system that enables highly flexible deployment architectures that scale with the needs of the organization. Security Analytics allows administrators to collect two types of data from the network infrastructure, packet data and log data. |
Required Content Packs (1)
| Pack Name | Pack By |
|---|---|
| Base | By: Cortex XSOAR |
Optional Content Packs (0)
| Pack Name | Pack By |
|---|
All level dependencies (1)
| Pack Name | Pack By |
|---|---|
| Base | By: Cortex XSOAR |
1.0.14 - R3414854 (May 15, 2025)
- 39077
Download
Scripts
NetwitnessSAGetEvents
- Metadata and documentation improvements.
NetwitnessSAGetAvailableAssignees
- Metadata and documentation improvements.
NetwitnessSACreateIncident
- Metadata and documentation improvements.
NetwitnessSAListIncidents
- Metadata and documentation improvements.
NetwitnessSAAddEventsToIncident
- Metadata and documentation improvements.
NetwitnessSAGetComponents
- Metadata and documentation improvements.
- 39077
Download
1.0.13 - R2989425 (March 26, 2025)
- 37407
- 37402
- 37403
- 37405
- 37406
- 37404
Download
Scripts
NetwitnessSACreateIncident
- Updated the Docker image to: demisto/python3:3.11.10.115186.
NetwitnessSAListIncidents
- Updated the Docker image to: demisto/python3:3.11.10.115186.
NetwitnessSAGetComponents
- Updated the Docker image to: demisto/python3:3.11.10.115186.
NetwitnessSAGetEvents
- Updated the Docker image to: demisto/python3:3.11.10.115186.
NetwitnessSAGetAvailableAssignees
- Updated the Docker image to: demisto/python3:3.11.10.115186.
NetwitnessSAAddEventsToIncident
- Updated the Docker image to: demisto/python3:3.11.10.115186.
- 37407
- 37402
- 37403
- 37405
- 37406
- 37404
Download
1.0.12 - R1709192 (November 26, 2024)
- 32030
Download
Scripts
NetwitnessSAAddEventsToIncident
- Updated the Docker image to: demisto/python3:3.10.13.83255.
NetwitnessSAGetAvailableAssignees
- Updated the Docker image to: demisto/python3:3.10.13.83255.
NetwitnessSAListIncidents
- Updated the Docker image to: demisto/python3:3.10.13.83255.
NetwitnessSAGetComponents
- Updated the Docker image to: demisto/python3:3.10.13.83255.
NetwitnessSACreateIncident
- Updated the Docker image to: demisto/python3:3.10.13.83255.
NetwitnessSAGetEvents
- Updated the Docker image to: demisto/python3:3.10.13.83255.
- 32030
Download
1.0.11 - R6592021 (October 13, 2023)
- 28088
Download
Scripts
NetwitnessSAAddEventsToIncident
- Updated the Docker image to: demisto/python3:3.10.12.63474.
NetwitnessSAGetAvailableAssignees
- Updated the Docker image to: demisto/python3:3.10.12.63474.
NetwitnessSAListIncidents
- Updated the Docker image to: demisto/python3:3.10.12.63474.
NetwitnessSAGetComponents
- Updated the Docker image to: demisto/python3:3.10.12.63474.
NetwitnessSACreateIncident
- Updated the Docker image to: demisto/python3:3.10.12.63474.
NetwitnessSAGetEvents
- Updated the Docker image to: demisto/python3:3.10.12.63474.
- 28088
Download
1.0.14 - R3414854 (May 15, 2025)
- 39077
Download
Scripts
NetwitnessSAGetEvents
- Metadata and documentation improvements.
NetwitnessSAGetAvailableAssignees
- Metadata and documentation improvements.
NetwitnessSACreateIncident
- Metadata and documentation improvements.
NetwitnessSAListIncidents
- Metadata and documentation improvements.
NetwitnessSAAddEventsToIncident
- Metadata and documentation improvements.
NetwitnessSAGetComponents
- Metadata and documentation improvements.
- 39077
Download
1.0.13 - R2989425 (March 26, 2025)
- 37407
- 37402
- 37403
- 37405
- 37406
- 37404
Download
Scripts
NetwitnessSACreateIncident
- Updated the Docker image to: demisto/python3:3.11.10.115186.
NetwitnessSAListIncidents
- Updated the Docker image to: demisto/python3:3.11.10.115186.
NetwitnessSAGetComponents
- Updated the Docker image to: demisto/python3:3.11.10.115186.
NetwitnessSAGetEvents
- Updated the Docker image to: demisto/python3:3.11.10.115186.
NetwitnessSAGetAvailableAssignees
- Updated the Docker image to: demisto/python3:3.11.10.115186.
NetwitnessSAAddEventsToIncident
- Updated the Docker image to: demisto/python3:3.11.10.115186.
- 37407
- 37402
- 37403
- 37405
- 37406
- 37404
Download
1.0.12 - R1709192 (November 26, 2024)
- 32030
Download
Scripts
NetwitnessSAAddEventsToIncident
- Updated the Docker image to: demisto/python3:3.10.13.83255.
NetwitnessSAGetAvailableAssignees
- Updated the Docker image to: demisto/python3:3.10.13.83255.
NetwitnessSAListIncidents
- Updated the Docker image to: demisto/python3:3.10.13.83255.
NetwitnessSAGetComponents
- Updated the Docker image to: demisto/python3:3.10.13.83255.
NetwitnessSACreateIncident
- Updated the Docker image to: demisto/python3:3.10.13.83255.
NetwitnessSAGetEvents
- Updated the Docker image to: demisto/python3:3.10.13.83255.
- 32030
Download
1.0.11 - R6592021 (October 13, 2023)
- 28088
Download
Scripts
NetwitnessSAAddEventsToIncident
- Updated the Docker image to: demisto/python3:3.10.12.63474.
NetwitnessSAGetAvailableAssignees
- Updated the Docker image to: demisto/python3:3.10.12.63474.
NetwitnessSAListIncidents
- Updated the Docker image to: demisto/python3:3.10.12.63474.
NetwitnessSAGetComponents
- Updated the Docker image to: demisto/python3:3.10.12.63474.
NetwitnessSACreateIncident
- Updated the Docker image to: demisto/python3:3.10.12.63474.
NetwitnessSAGetEvents
- Updated the Docker image to: demisto/python3:3.10.12.63474.
- 28088
Download
PUBLISHER
PLATFORMS
Cortex XSOARCortex XSIAM
INFO
| Certification | Certified | Read more |
| Supported By | Cortex | |
| Created | June 30, 2020 | |
| Last Release | May 15, 2025 |
WORKS WITH THE FOLLOWING INTEGRATIONS:
