Elastic 7.3 is coming to NetEye 4.8. In order to prepare for this significant change, you must first update Log Manager on NetEye 4.7 to receive the Elastic 6.8.2 update that will set up the necessary migrations for updating Elasticsearch, Logstash and Kibana.
In addition to the ELK stack, SearchGuard will also be updated to the latest versions available for “SearchGuard 6”, which are SearchGuard 25.4 and Kibana plugin 18.5.
When updating to Elastic 6.8.2, there will be no additional steps beyond those typically required, so please refer to our standard update procedure: User Guide > Upgrading and Updating > Updating NetEye
Please note that, as usual, any .rpmnew and .rpmsave files must be migrated (see User Guide > Upgrading and Updating > Migrate .rpmsave / .rpmnew Files). The directory /usr/share/elasticsearch/plugins/search-guard-6/ will be removed in future updates, and the presence of any .rpmsave or .rpmnew files will prevent its deletion and therefore cause errors when Elasticsearch starts up.
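A pre-update check for the condition described above, as an added example (not part of the original post or of NetEye's own tooling): it lists any .rpmnew or .rpmsave files under the Search Guard plugin directory and reports how each compares to its base file. The function name `check_rpm_leftovers` and the `SG_DIR` variable are hypothetical, and the check assumes the blocking files are the ones inside that directory.

```shell
#!/bin/sh
# Added example: look for leftover RPM config files before updating.
# SG_DIR defaults to the directory named in the post; override it to scan elsewhere.
SG_DIR="${SG_DIR:-/usr/share/elasticsearch/plugins/search-guard-6}"

# Prints one line per leftover file with its state relative to the base file.
# Returns 0 when the directory is clean (or absent), 1 when leftovers exist.
check_rpm_leftovers() {
    dir="$1"
    # A directory that is already gone has nothing left to block its removal.
    [ -d "$dir" ] || return 0

    leftovers=$(find "$dir" -type f \( -name '*.rpmnew' -o -name '*.rpmsave' \) | sort)
    [ -n "$leftovers" ] || return 0

    printf '%s\n' "$leftovers" | while IFS= read -r f; do
        # Strip either suffix to get the file the leftover belongs to.
        base="${f%.rpmnew}"
        base="${base%.rpmsave}"
        if [ ! -e "$base" ]; then
            state="orphan (no base file)"
        elif cmp -s "$f" "$base"; then
            state="identical to base file"
        else
            state="differs from base file"
        fi
        printf '%s: %s\n' "$f" "$state"
    done
    return 1
}

# Report leftovers in the default directory; the message goes to stderr.
check_rpm_leftovers "$SG_DIR" ||
    echo "Migrate the files listed above before the next update." >&2
```

Files reported as "differs from base file" carry changes that need to be merged by hand following the migration procedure referenced above.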
Hi, my name is Michele Santuari and I am a Telecommunication engineer who fell in love with OpenFlow, the first attempt at centralized network management, provisioning, and monitoring. I embraced the Software Defined Networking approach to discover a passion for programming languages. Now, I am into Agile methodologies and crazy development process management.
Author
Michele Santuari