How to Customize Your Grafana Theme

Posted by on Dec 7, 2017 in NetEye | 0 comments

Grafana

Grafana is an open source dashboard tool that helps users to easily create and edit dashboards. Grafana uses Golang as a backend and Angular as frontend. It is quite a large codebase and supports a large number of options for its components (data sources, options, panels, etc.). Grafana’s stylesheet is written using the Sass CSS extension language. This preprocessor can help customizing themes.

Read More

The Role of IT Asset Management in GDPR Compliance – Part I

Posted by on Nov 28, 2017 in Log Auditing, NetEye | 0 comments

GDPR_NetEye_IT_AssetManagement

In this post, and in the one that will follow in the next weeks, I would like to analyze the role of IT Asset Management in adapting to the new General Data Protection Regulations (GDPR).
In this first article I will briefly introduce what the GDPR is, what measures it introduces, and how the IT Asset Management (ITAM) can support it.
In the next article, I will list the modules provided by NetEye, our IT System Management solution, for the ITAM implementation.

Introduction to GDPR

The General Data Protection Regulation (GDPR) (Regulation (EU) 2016/679) is a regulation by which the European Parliament, the Council of the European Union and the European Commission intend to strengthen and unify data protection for all individuals within the European Union (EU). It also addresses the export of personal data outside the EU. The GDPR aims primarily to give control back to citizens and residents over their personal data and to simplify the regulatory environment for international business by unifying the regulation within the EU. It becomes enforceable from 25 May 2018 after a two-year transition period and, unlike a directive, it does not require national governments to pass any enabling legislation, and is thus directly binding and applicable. Wikipedia

Read More

EriZone – Security Advisory

Posted by on Nov 27, 2017 in EriZone & OTRS, EriZone Security Advisories | 0 comments

A vulnerability has been detected on the agent interface of the EriZone – OTRS system. The following is valid for all OTRS 3.3.x, Erizone 3.x and EriZone 5.x systems.

This vulnerability takes advantage of a Code injection in Kernel/System/Spelling.pm and is classified with a severity of 8.6 (high).

To guarantee the security of your system, we recommend applying last released patches.

 
For EriZone 5.2:

Via Admin >> Package Manager
Click on “Update repository information” and upgrade the packages strictly in the following sequence:

  • EriZoneCore
  • EriZoneTheme

 

For EriZone 3.6:

Via Admin >> Package Manager
Click on “Update repository information” and upgrade package:

  • EriZoneCore

 

For both systems, after previous procedure use a console to launch following commands:

  • /opt/otrs/scripts/EriZone/erizone.global_makelink
  • /opt/otrs/scripts/EriZone/Permissions.sh
  • /opt/otrs/scripts/EriZone/RestartEriZone.sh

 

Further information regarding this topic can be found on https://www.otrs.com/security-advisory-2017-07-security-update-otrs-framework/

The update on Erizone 5.2 will also fix some other theme bugs.

 


 

Technical details:

  • Date: 2017-11-21
  • Title: Remote code execution
  • Severity: 8.6 high
  • Product: OTRS 3.3.*, EriZone 3.* and EriZone 5.*
  • ID: OSA-2017-07
Read More

EriZone to EriZone communication via web services

Posted by on Nov 14, 2017 in EriZone & OTRS | 0 comments

EriZone_GI

The Generic Interface (GI) is an OTRS framework that allows EriZone5 to communicate with other systems via web service. The communication can be bidirectional: EriZone5 can act both as a service provider and/or as a service requestor.
You can use the GI to define a “Webservice” and to configure its behavior as a requestor and/or a provider. “Operations” can be defined and configured in order to perform the requested actions internally. In the other case, when a request should be performed by a remote system, “Invokers” can be defined and configured to forward the request. Inside both the Operations and the Invokers it is possible to define, when required, a data mapping between the communicating systems in order to receive/send formatted data.
For both the provider and the requestor you can define the “Network transport” which is the protocol over which OTRS/EriZone5 will communicate with the remote systems (e.g. another EriZone5 server).

A simple example of a webservice where EriZone5 is acting as a requestor

A simple example of a webservice where EriZone5 is acting as a requestor

Read More

Deep Learning – a Recent Trend and Its Potential

Posted by on Nov 13, 2017 in NetEye | 0 comments

Artificial Intelligence (AI) refers to hardware or software that exhibits behavior which appears intelligent.  Machine Learning is a field of computer science that gives computers the ability to learn without being explicitly programmed.  Deep Learning is part of a broader family of machine learning methods based on learning data representations, as opposed to task-specific algorithms.

Gartner acknowledges Deep Learning to have delivered technology breakthroughs recently and they regard it as the major driver toward artificial intelligence.

One can expect a significant impact on most industries over the next three to five years.  It’s just one more reason to act now and understand its real potential.  Below I will answer the three questions I have been asked most often about deep learning over the last few months.

DL BootCamp

Susanne Greiner, Wuerth Phoenix @ Deep Learning BootCamp with experts from Google, Nvidia & Zalando Research, Dresden 2017

What is Deep Learning?

Read More

Microsoft ADFS integration with Shibboleth

Posted by on Nov 9, 2017 in Microsoft Management | 0 comments

Header_Blog
Starting with the Windows Server 2003 R2 version, Microsoft introduced the Active Directory Federation Services (ADFS), a software component which provides users with single sign-on access to systems and applications located across organizational boundaries.
ADFS is part of the Active Directory Services.

The authenticated user is provided with a series of Claims related to his / her identity that are inserted into a Token, which is digitally signed (a SAML Token). This token is then recognized and used by the various applications that accept this authentication scheme which enables Single Sign On mode for an application.

The advantage is that the user authenticates once on the ADFS service and then does not need to provide his/her credentials again to the various application servers that may also be outside the network containing the Active Directory Domain.

Read More

XtremIO EMC Storage Monitoring with NetEye

Posted by on Nov 7, 2017 in NetEye | 0 comments

NetEye_XtremeIO
If you need to monitor a Dell EMC Storage XtremIO unit, then I have the right solution for you. Not long ago, I wrote an XtremIO storage tracking plug-in that can execute the following activities:

  • XTREMIO_CTRL_Status: monitors the controllers and the hardware status
  • XTREMIO_DPG_Status: controls the DPG groups from the storage array
  • XTREMIO_Storage_Efficiency: verifies and displays the actual XtremeIO “deduplication and compression” efficiency
  • XTREMIO_Storage_Space: checks the available storage space

But how does it work?

Read More

Sending Cisco Syslogs to Elasticsearch: A simple guide

Posted by on Oct 31, 2017 in Log Auditing, NetEye, Syslog | 0 comments

Elasticsearch
Do you use Cisco’s network infrastructure? Would you like to view its logs through the syslog protocol in an Elasticsearch database? Find out below about the filters and templates needed for the Logstash setup.

As you probably already know, you need a Logstash instance in order to get indexed data into the Elasticsearch database. Cisco is a well-known network device provider, so it is crucial to have a workable solution to index the logs that can be retrieved from these devices.

Read More

Oracle Exadata Monitoring with NetEye

Posted by on Oct 18, 2017 in NetEye | 0 comments

OracleExadata_01

More and more often I’ve needed to integrate an Oracle Exadata system with NetEye Monitoring.  The Oracle Exadata Database Machine is a combined compute and storage system marketed for running Oracle Database software.

The best way to integrate the Oracle Exadata system is to use SNMP Trap alerting.  Then, it depends on your particular Oracle installation whether you are using only the Exadata System or also the Oracle Enterprise Manager.  If you are only using the Exadata system, you can configure your alerts on it and send them via SNMP alerting to NetEye.  If you are also using the Enterprise Manager, you can first configure the alerts on the Oracle Enterprise Manager before configuring SNMP Trap alerting to send the alerts to NetEye.

Read More

Eindrücke von der it-sa 2017

Posted by on Oct 17, 2017 in NetEye | 0 comments

Es kommt wohl selten vor, dass sich Besucher, Aussteller und Organisatoren über den Erfolg eines Messeformates so einig waren. Bei der it-sa 2017, die letzte Woche in Nürnberg stattfand, war dies der Fall. Neben der RSA in San Francisco zur mittlerweile größten IT Security-Messe weltweit avanciert, ist es wohl die letzte große deutsche Ausstellerplattform in der Branche, die einen starken Aufwärtstrend verzeichnen kann.

Wir möchten uns bei allen Standbesuchern nochmals herzlich für das Interesse bedanken. Uns war es eine Freude, Ihnen unser Angebot rund um NetEye, EriZone und ntop vorgestellt haben zu dürfen. Wir würden uns freuen, Sie auch nächstes Jahr begrüßen zu dürfen.

itsa_02
« 1 of 10 »
Read More

Hyper-V monitoring: Here’s some tips!

Posted by on Sep 26, 2017 in Capacity Management, Nagios, Nagios-Plugins, NetEye | 0 comments

Network traffic monitoring is traditionally based on SNMP queries. This protocol generates statistics on the transmission of data across one or more network interfaces.

While network device queries still run through SNMP, using Microsoft Hyper-V monitoring requires the adoption of other approaches. One of the reasons is the network connection configuration itself: for example, many physical network interfaces of a Hyper-V device belong to a logical interface that can also distribute network traffic to multiple network devices, such as multiple switches. Another reason for using an alternative approach is that Microsoft has abandoned the maintenance of SNMP services on their operating systems.

Consider a physical network with the following configuration: a physical Hyper-V host has two active physical network connections that are connected to the network via two switches.

Esempio di cablaggio di una rete fisica

Example of a physical network

Read More

NetEye & EriZone User Group: il programma

Posted by on Sep 25, 2017 in EriZone & OTRS, NetEye | 0 comments

UserGroup

NetEye & EriZone User Group

Sfide e opportunità per l’IT Management 4.0

Connectbay, Mantova, Giovedì 19 ottobre 11:00 – 17:00

Vi aspettiamo il 19 ottobre al NetEye & EriZone User Group. L’evento offrirà un’occasione unica a tutti i nostri clienti per scoprire le ultime novità nell’IT System & Service Management, individuare i requisiti necessari per adeguarsi al GDPR (General Data Protection Regulation) e partecipare attivamente alla definizione della fase evolutiva delle nostre soluzioni.

A chi è rivolto l’evento:

A tutti i clienti e utilizzatori di NetEye e EriZone.

Data e location:

  •  Giovedì, 19 ottobre 2017, ore 11:00 – 17:00
  •  Connectbay, via Rita Castagna 1, Mantova

Il programma:

    •  Ecco il programma [PDF]

 

La partecipazione è gratuita e può essere estesa anche ai vostri colleghi. Per registrarsi è sufficiente inviare una email al seguente indirizzo usergroup@wuerth-phoenix.com.
Read More

Our contribution to the “Digital Business Forum”

Posted by on Sep 22, 2017 in EriZone & OTRS, NetEye | 0 comments

Digital Business Transformation has more than ever a strong impact on enterprise business models, the way we work and on how operational processes are faultlessly supported by high availability IT services. Best practices to leverage these changes and transform them into opportunities was the main topic of the “Digital Business Forum”, held last week in Bolzano.

Experts form Microsoft Austria, the Fraunhofer Institute, the University of Bolzano and Würth Phoenix highlighted practical experiences and gave insights on their mid-term market visions to stimulate a new way of doing business. See here a brief video-summary of the event.

Read More

EriZone – Security Advisory

Posted by on Sep 21, 2017 in EriZone & OTRS, EriZone Security Advisories | 0 comments

A vulnerability has been detected on the agent interface of the EriZone – OTRS system. The following is valid for all OTRS 3.3.x, Erizone 3.x and EriZone 5.x systems.

This vulnerability takes advantage of a hole in agent statistics module and has been classified with a “high” risk.

To guarantee the security of your system, we recommend applying last released patches.

 
For EriZone 5.2:

Via Admin >> Package Manager
Click on “Update repository information” and upgrade the packages strictly in the following sequence:

  • EriZoneCore
  • EriZoneServiceDeskEnhancement
  • EriZoneTheme

 

For EriZone 3.6:

Via Admin >> Package Manager
Click on “Update repository information” and upgrade package:

  • EriZoneCore

 

For both systems, after previous procedure use a console to launch following commands:

  • /opt/otrs/scripts/EriZone/erizone.global_makelink
  • /opt/otrs/scripts/EriZone/Permissions.sh
  • /opt/otrs/scripts/EriZone/RestartEriZone.sh

 

Further information regarding this topic can be found on https://www.otrs.com/security-advisory-2017-04-security-update-otrs-versions/

The update for Erizone 5.2 will also fix two more bugs.

 


 

Technical details:

  • Date: 2017-09-19
  • Title: Code Injection / Privilege Escalation OTRS
  • Severity: High
  • Product: OTRS 3.3.*, EriZone 3.* and EriZone 5.*
  • ID: OSA-2017-04
Read More