Fix IcingaDB password file sync on all cluster nodes. We have resolved an issue that caused an IcingaDB password file to be present only on one node in a cluster installation. This could lead to failures during NetEye updates and upgrades. List of updated packages To solve the issue mentioned above, the following packages have…
Read MoreAs you should already know, with NetEye 4.45 we officially began the transition from Icinga IDO to IcingaDB (see NetEye 4.45 Release Notes | www.neteye-blog.com). This means that IDO has been deprecated on NetEye. We’re now reaching the end of this transition: with NetEye 4.48 IDO will be officially removed from your NetEye without further…
Read MoreDuring our consulting activities we frequently find ourselves having to collect data from SNMP devices that do not support SNMPv3 for data encryption. This type of traffic is readable on the network and can create security problems and noncompliance with company certifications, for example ISO27K. For this reason, you might have devices segregated on a…
Read MoreHow we adapted our monitoring approach when the default choice didn’t fitand what we learned along the way. You’ve probably been there. You walk into a new observability project, playbook in hand, only to realize that no two projects are ever really the same. Every team has its own tools, its own platform quirks, and…
Read MoreSOAR for Controlled Response SOAR is often described in broad terms: orchestration, automation, response, integration. That’s true, but it can also feel vague. A simpler way to explain it is this: SOAR helps a SOC turn a decision into action without repeating the same manual steps every time. This matters most when the action is…
Read MoreElastiFlow collects NetFlow data from networks, such as NetFlow, sFlow, or IPFIX. This data can be sent by routers, switches, probes and other devices. The ElastiFlow Engine then processes this data and optimizes its normalization before writing it to a database such as Elasticsearch. What makes ElastiFlow particularly interesting is that it is well suited…
Read MoreWith Elastic Observability we can create alerts on all data we collect, such as logs, metrics, application services and synthetic monitoring. However, NetEye represents the main operational console from which to monitor the entire infrastructure. By sending alarms from Elastic Observability to NetEye via Tornado, we can also bring this information into the NetEye console,…
Read MoreWhy a Purple Team Program Makes Cybersecurity More Effective In today’s cybersecurity landscape, having defensive tools in place is no longer enough. Firewalls, SIEM platforms, detection rules, playbooks, and threat intelligence feeds are all essential components, but the real question is this: how well do they actually perform under realistic attack conditions? This is where…
Read MoreImportant: GLPI security update Type/Severity NetEye Product Security has rated this update as having a high security impact. Topic An update for the glpi packages is now available for NetEye 4. Security Fix for NetEye 4.47 Summary The vulnerabilities include two Stored XSS, an Arbitrary file deletion, an Arbitrary item deletion, Arbitrary files access and two unauthorized actions….
Read MoreWelcome back to our continuing series on budget-friendly methods for making video tutorials. With today’s post I’m going to start a 3-parter on Teleprompters. I’ve previously described Teleprompter hardware and setup, but today I want to talk more about usage recommendations now that I’ve been using one for several years. Also remember that a teleprompter…
Read MoreNode export in the Tornado Processing Tree was broken on Firefox The bug was caused by a divergence between Firefox and Chrome in blob handling with CSP. Issue resolved, behavior is now consistent across both browsers. List of updated packages To solve the issues mentioned above, the following packages have been updated: icingaweb2-module-tornado-3.2.3-1, icingaweb2-module-tornado-autosetup-3.2.3-1, icingaweb2-module-tornado-configurator-3.2.3-1
Read MoreThere is a technology inside modern Linux systems that: It can do all of this (and much more) without the need of kernel modules;that technology is eBPF. The aim of this article is to provide an overview of the technology, present several use cases, and address potential misuse from an offensive security perspective. A Bit…
Read MoreProcessing Tree Rendering Issue We shipped a fix for a rendering bug in the Tornado UI Processing Tree. Under specific conditions, navigating back to the dashboard after expanding tree nodes caused the tree to render incorrectly nodes would appear collapsed, misaligned, or in a broken state. List of updated packages To solve the issues mentioned…
Read MoreRole Search Now Works in Access Control We’ve fixed the search functionality in the Roles view under Configuration – Access Control, so you can now find roles instantly without any errors. List of updated packages To solve the issues mentioned above, the following packages have been updated: icingaweb2-2.12.4_neteye1.155.2-1, icingaweb2-autosetup-2.12.4_neteye1.155.2-1 icingaweb2-configurator-2.12.4_neteye1.155.2-1
Read MoreImportant: Elastic Stack security update Type/Severity NetEye Product Security has rated this update as having a high security impact. Topic An update for the elastic stack packages are now available for NetEye 4, with a special focus on Kibana and Logstash. Security Fix for NetEye 4.47 Summary There are several patched vulnerabilities: For details on how to apply…
Read More