31. 01. 2019 Thomas Forrer NetEye, Release Notes

NetEye 4.4 and NetEye 3.16 Release Notes

NetEye 4.4 Release Notes

Welcome to version 4.4 of our NetEye v4 Unified Monitoring Solution. Following version 4.3, the new and updated features in this version focus on Geo Map for showing host and service state on a geographical map, an Audit Log that records changes to the NetEye configuration, integration of Log Management with Search Guard, a new event handler called Tornado, and updated specifications for the 2019 NetEye appliance hardware.

Product: NetEye
Release Number: 4.4
Release Date: January 31, 2019
Release Type: Minor
Previous Release: 4.3

System Requirements: NetEye 4.3

These release notes for NetEye 4.4 describe new features and improvements compared to version 4.3.  The complete change log, which includes all fixed issues, is available in the updated NetEye documentation (see the section “Starting your Upgrade” below).

New Features

Geo Map (NEPROD-418,419,420,422,524)

We have created a new module named Geo Map that uses the latest open source map technology (OpenStreetMap, Leaflet) to show the state of hosts on a geographical map. Once hosts have their geolocation tagged and deployed within Director, their host groups can be added to layers, and those layers can be visualized across multiple user-defined, zoomable world maps. The map contains markers linked to a customizable monitoring-style view of the hosts at that map location. Maps can then be added as dashlets to the Dashboard, customized by modifying their URL, and searched using Lampo Quick Search. Users can be assigned the roles admin, editor and viewer.

Audit Log (NEPROD-421,507,508)

We have added the new Audit Log module, which keeps a record of all changes to the internal NetEye configuration. It shows a date-ordered list of all configuration modifications (Create, Modify, Delete and Deploy) for each module that implements the Audit Log API (as of today this includes Geo Map), and the list can be filtered by module and user. For some users you may need to change the default Audit Log permissions as described at User Guide > Audit Log > Features.

Improvements

Log Management (NEPROD-353,400,406,509)

NetEye users and roles have been integrated with Log Analytics, allowing for automatic authentication and authorization. Log Analytics requires that each user have a minimum set of permissions and Search Guard roles, described in User Guide > Log Manager > Configuring Search Guard Roles.

The secure communication provided by Search Guard requires additional parameters such as authentication certificates to interact with Elastic Stack and Search Guard APIs. To simplify the interaction with those APIs, we have provided some helper tools.  More information is available at User Guide > Log Manager > Search Guard Helper Tools.

There are special instructions for updating Log Management modules for clusters; these can be found beginning in the section User Guide > Upgrading.

Updates to the User Guide (NEPROD-394,409)

The user guide has been updated to include the following new content:

  • The NetEye appliance section has been improved by adding a new RAID controller that is more innovative than the previous generation, with the I/O cache increased to 8GB. This is reflected in the updated technical specifications for NetEye appliance models Ebs+, Ebs and Cbs+.
  • We wrote a new section detailing how user authentication, user groups, and permissions work in NetEye.

Update Safed Agent TLS (NEPROD-489)

We have adopted GnuTLS 3.6.5 to allow secure communications by supporting TLS 1.2 (minimum) and TLS 1.3.

Module Updates

The following modules have been updated:

  • Windows Safed agent from 1.9.0 to 1.9.1
  • Unix/Linux Safed agent from 1.9.0 to 1.9.1
  • Elasticsearch from 6.2.4 to 6.5.4
  • Kibana from 6.2.4 to 6.5.4
  • Logstash from 6.2.4 to 6.5.4
  • Search Guard Elasticsearch Plugin from 23 to 24
  • Search Guard Kibana Plugin from 14 to 17
  • DRBD from 9.0.14 to 9.0.16
  • DRBD Utils from 9.3.1 to 9.7.1

Deprecations

Log Management

This release prohibits modifications to the default Search Guard system roles and authentication/authorization configurations. All prior changes to the default and system configuration will be removed during this update, and any future changes will be overwritten at the next Search Guard configuration update.

Technical Preview

Tornado is the spiritual successor to our NetEye Event Handler.  It is a plugin-based, stateless, scalable rule matching engine written in Rust, based on the Actix framework and focused on high performance.  The Tornado engine is able to parse events emitted by rsyslog and snmptrapd, and either conditionally write to a log file or run a custom script based on the rule set.  (NEPROD-402,405,429,474,475,477,495)

Starting your Upgrade

To receive the upgrade, ensure that NetEye is up to date by running this command in a shell:

yum update --enablerepo=neteye

Then click on the purple notification box next to the System menu item and follow the linked documentation.

NetEye 3.16 Release Notes

Welcome to the 3.16 version of our NetEye 3 Unified Monitoring Solution.

Product: NetEye
Release Number: 3.16
Release Date: January 31, 2019
Release Type: Minor
Previous Release: 3.15

System Requirements: NetEye 3.15

These release notes for NetEye 3.16 describe the improvements to version 3.15, and provide information on how to upgrade. The complete change log, which includes all fixed issues, is available in the “What’s New” section of the updated NetEye documentation.

Improvements

Monitoring Status Aggregation for Distributed Service Views (NEPROD-378)

We integrated a distributed service check that invokes a single standard service check multiple times over a large number of hosts, aggregates the results (e.g., the total number of warnings and criticals over all those hosts), and then generates a monitoring response depending on whether those sums exceeded the thresholds passed to the distributed check.  For a practical example, see this NetEye blog post.

How to Upgrade

Upgrading from NetEye 3.15 to NetEye 3.16 can be performed locally by following the documentation already provided in NetEye 3.15. This upgrade procedure will still be possible for all future NetEye 3 minor releases. The base requirement is a NetEye 3.15 installation based on CentOS 6.

Step 1:

Update the NetEye 3.15 documentation package with the following command:

yum --enablerepo=neteye update neteye-documentation

Step 2:

Execute the upgrade procedure as described in the newly updated documentation section “What’s New in NetEye?” at the link under “NetEye Upgraded Documentation”.

Thomas Forrer

Team Leader Research & Development at Würth Phoenix
Hi folks! I began loving computers in 1994, when it was still the time of Windows 3.1. I immediately learned to start DOS games from the command prompt, and while typing some white text on a black background I felt like some hackish dude in a Hollywood movie. Later, during my studies at the university, I discovered the magic world of open source, and it was love at first sight. Finally I got rid of BSODs =) I love everything that is connected to some network, especially from a security perspective. My motto is: "With motivation, nothing is impossible. It only requires more time."
