Tips from the Security Analytics Support Desk
Here are a few tips that the Security Analytics Support Team thought would help customers get the most out of their Security Analytics deployment. Feel free to share topics you'd like to see in future Support Tips posts.
NTP Configuration:
Security Analytics relies on accurate time settings for capture, certificates, and CMC functionality. For this reason, you should configure NTP on Settings > Date/Time before starting capture and before setting up a CMC VPN.
System Monitoring:
Symantec recommends that you frequently check /var/log/messages to see important status messages, statistics, and logs.
Health Status for High-Density Storage Arrays:
For Security Analytics E5660 300T Intelligent Storage Arrays (NetApp® E2760 Storage Arrays) you can do a health-status check by running this command from the head unit console:
SMcli -d;SMcli -n <array_name>
Check SAS Drives:
For Security Analytics J5300 40T Direct-Attached Storage you can see the RAID information on the SAS drives by running lsi-show.
Documentation for lsi-show is located here: https://origin-symwisedownload.symantec.com//resources/webguides/security_analytics/ENG/80/Content/_Reference/ds_cli/lsi-show.htm
Direct Downloads of Software Upgrade TAR Files:
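To download software upgrade TAR files from the CLI instead of the web UI, run this command, using your license key as both the user name and the password. The --no-check-certificate option turns off TLS certificate validation, so wget does not verify the identity of the download server.
wget --no-check-certificate --user=Y0UR-L1C3-N53K-K3YH --password=Y0UR-L1C3-N53K-K3YH https://upgrade.soleranetworks.com/upgrades/atpsa-8.0.2-53045-x86_64-DVD.tar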