13. 03. 2020 Luca Franzoi Bug Fixes, Log Management, Log-SIEM, NetEye, Unified Monitoring

Bug discovered on NetEye module logmanagement and SIEM

A bug has been discovered on NetEye modules logmanagement and SIEM.
If affected, rsyslog directories on system might be created with wrong permissions causing Logstash to be unable to load log lines of some hosts inside Elasticsearch. Users might also receive an error message trying to check signatures for some hosts inside Logmanager Log Check.
All NetEye systems with neteye-logmanagement or netey-siem modules installed might be affected .

To check your system run following command:

find /neteye/shared/rsyslog/data/ -not -perm 770 -type d -exec ls -lad {} \; | grep "dr-------T."

If the provided command returns some results your system is affected.
Please apply the following workaround to fix it until an official bug-fix is provided:

  1. Run command: crontab –e
  2. Add following line:
    30 00 * * * /usr/bin/find /neteye/shared/rsyslog/data/ -not -perm 770 -a -not -perm 750 -type d -exec /usr/bin/chmod 770 {} \; > /dev/null
  3. Save the file

Previous steps must be executed on every NetEye node.

If you need further information, or experience some problem applying the fix, feel free to contact our support team using one of the following options:

Luca Franzoi

Luca Franzoi

Service & Support Engineer at Würth Phoenix

Author

Luca Franzoi

Latest posts by Luca Franzoi

14. 01. 2020 NetEye, Unified Monitoring
Using Nmap as an Import Source for NetEye 4
10. 12. 2019 Downloads / Release Notes, ITOA, NetEye, Unified Monitoring
Grafana User Management Deprecation in NetEye 4.10
03. 09. 2019 Bug Fixes, NetEye
Security Fix for NetEye 3.17
27. 11. 2017 Service Management
EriZone – Security Advisory
27. 11. 2017 Service Management
EriZone – Security Advisory
See All

Related Content

Tags: , , , , , ,

19. 09. 2021 ITOA, NetEye, Unified Monitoring

Understanding Instability in a Monitored Environment

Whenever a new monitoring project gets underway, a consultant discusses with the customer about almost any related topic: what needs to be monitored, how to monitor it, when to implement it, how to represent performance data, etc. Based on customer Read More
14. 09. 2021 Bug Fixes, NetEye

Bug Fixes for NetEye 4.19

We fixed a bug that caused the yum groups "neteye" and "neteye-tools" to not being marked as installed on some NetEye instances. For NetEye 4.19 we updated the following packages: neteye-setup to version 1.75.1-1
10. 09. 2021 Bug Fixes, NetEye

Bug Fixes for NetEye 4.19

We fixed a bug that caused the ES_CLUSTER_INITIAL_MASTER variable to be overwritten when a new Elastic-only node was added to the cluster. For NetEye 4.19 we updated the following packages: apm-server, apm-server-autosetup, apm-server-neteye-config, elasticsearch, elasticsearch-autosetup, elasticsearch-neteye-config, elasticsearch-xpack-license, filebeat, filebeat-autosetup, filebeat-neteye-config, Read More
09. 09. 2021 Bug Fixes, NetEye

Bug Fixes for NetEye 4.19

We fixed a bug in the Analytics Module that sometimes failed to render a custom dashboard correctly. We fixed also a bug in the ntopng SSO that didn't allow the users with the "." (dot) contained in the username to Read More
07. 09. 2021 Bug Fixes, Log-SIEM, NetEye

Bug Fixes for NetEye 4.19

We fixed two bugs in Logstash: an issue related to corrupted jvm.options configuration files, which prevents Logstash from starting properlya pipeline bug will cause Logstash to index every time in the same index which will grow up infinitely if a Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

Search by technology

Contact

Contact us
Serviceportal
net.support@wuerth-phoenix.com

Subscribe to Feed

Article     Comments
Insert your E-Mail address:

Archive